• Subscribe to the low volume list for updates.

BlindElephant Scanner Online

A BlindElephant scan will attempt to determine the version of content management systems and other web scripts. This is useful when assessing the security of a given web site.

The Whatweb scanner is a similar tool, but one that tries to determine the types of technology in use. It can sometimes detect the version of an application passively from the source HTML.

Launch BlindElephant Web Application Version Scan
Login for access to BlindElephant Web Application Tool
Detect version of 13 common web applications

MEMBERSHIP BENEFITS
  • Discover the version of 13 common web applications
  • Determine if a known vulnerable application version is in use
  • Most effective against older applications (limited recent updates)
  • Access to 27 Vulnerability Scanners and OSINT Tools
  • Trusted Open Source Tools

Immediate access is available to new members or login now if you already have an account.

How do I run a BlindElephant scan?

1.  Enter target website to test. Targets can be entered individually or as a list for bulk uploads.

2.  Select application to assess.

3.  Enter an email address and select start for the testing to begin. Results will be emailed once the test has completed.

About the BlindElephant Scanner

This scan is used to identify the version of a web application; the application may be a web forum, blog or phpmyadmin. The important thing to note about these types of applications is that there are many publicly available exploits for different versions of the applications. An exploit in a single small web application can be the foothold that an attacker will capitalise on to get deeper access on the server and perhaps even compromise of an entire organisation.

So it is vitally important that web application such as those assessed by the Blindelephant scan are kept up to date.

BlindElephant is a tool for fingerprinting your web application version. Security vulnerabilities in well known web applications are a common attack vector. Keeping your web applications up to date can reduce your risk of being hacked significantly.

BlindElephant was created for remotely "fingerprinting" which Web apps and plug-ins are running on a server before the bad guys can find and exploit weaknesses in them.

The BlindElephant Web Application Fingerprinter will try to discover the version of a web application by comparing static files against precomputed hashes for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and fairly accurate. The tool was presented at BlackHat and the slides are available here.

Sourceforge Project Page: https://sourceforge.net/projects/blindelephant/