Sumner Lemon wrote a piece on NKill entitled: "NKill Aims to Catalog Vulnerabilities of Every Computer".
The article is a bit ambiguous and I should clarify:
One of NKill's objectives is to catalog every referenced public machine or network. Starting with all .com, .net, .org domains, www.DOMAIN, mail exchange records, nameservers, etc. and grab the version banners of the software they are running.
Nkill will be really useful for profiling a target during a security assessment because IP4 transforms are hard to perform without a database. Given an IP4 address, shitty sites like domaintools will tell you which virtual hosts are sharing the same address, that's it and they will charge you a fee for that information. They won't tell you which organisations (domains) are trusting this IP address for their mail, nameservers, etc.
With NKill, when a new vulnerability is discovered (e.g. IIS, postfix, apache, php...) we can instantly known which domains are vulnerable; you can pull that information for a whole country and we can also monitor how long it takes for people to react and patch their boxes.
Roberto from Zone-H told me I am going to make a lot of new friends with this project. I guess I'll have to hire some of our troll moderators from k.com.
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment