There are literally hundreds of thousands of websites running old web applications that are running vulnerable code just waiting to be hacked. It might start with a quick forum install or content management system that will keep running for years. If there were any bugs in the code, and it is a common application they are quickly fixed and new versions of the software are released. Just browse through some of the web application exploits over at Exploit-DB, try searching for wordpress, joomla, phpmyadmin or drupal – you may be
surprised at what you find.
Keeping your web application code base updated is an important web site management function. Enter BlindElephant and WhatWeb, these two tools are web application finger-printers. Handy tools for web site owners, penetration testers and vulnerability testing. They will provide you with not only the software installed but also the versions using various methods. Visit the respective websites for full information on the techniques, and for a quick test run head over to our new scan pages below.
BlindElephant web app version scan @ HackerTarget.com
WhatWeb web app identification scan @ HackerTarget.com
