Versions Compared

Old Version 6

changes.mady.by.user Alejandro Caceres

Saved on

compared with

New Version Current

changes.mady.by.user Alejandro Caceres

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The idea behind PunkSPIDER is very simple - we're doing a bunch of complicated stuff to find insecurities in websites. This search engine , just provides a simple way for you to search if find out if we've found vulnerabilities in a website that you use or own has a vulnerability in it. There's just a few things that you need to know to get started.

...

Vulnerabilities in websites can be devastating to you , the as a user. If a website is storing your sensitive information, a single vulnerability could potentially cause this information to be stolen. For sites that aren't storing your information, they can be riddled with malware or other nasty things - these websites should be avoided. For website owners, having a dangerous website can obviously be bad for business if you get hacked and have to tell your customers that you've lost their information or that they contracted malware from your website.

Searching for stuff

Searching for stuff is easy. In most cases, just type in a part of a URL like google when searching for google.com or hyperiongray when searching for websites in the domain of hyperiongray.com. If you need more advanced search help check out this link here.

OK, I found the website I want, what now? How do I use this information?

Well, in simplest terms, if the website you searched for has any vulnerabilities, you should avoid that website. If you absolutely can't avoid it all together, at least avoid giving the website any of your personal or financial information. If you absolutely must create an account on that website, don't re-use any usernames or passwords from any of your other accounts.

Let's do an example together. Let's say you're worried that Hyperion Gray's website has a vulnerability. The website is located at http://www.hyperiongray.com. So you've typed in hyperiongray in the search bar and come back with this:

...

Code Block
Hyperion Gray, LLC

 http://www.hyperiongray.com/
 Timestamp: Mon Jan 21 04:26:03 GMT 2013 
 BSQLI:0 | SQLI:0 | XSS:0 | TRAV: 0 | MXI: 0 | OSCI: 0 | XPATHI: 0

 

The three numbers stuff below the Timestamp field show 3 shows the 7 types of vulnerabilities . For most purposes the general rule of thumb is to avoid websites where the BSQLI or SQLI number is greater than 0 and be very wary of websites with XSS greater than 0. These letters represent three types of vulnerabilities and the numbers next to them represent the number of each type of vulnerability found by our scanner. You can read more about each one here:that PunkSPIDER is checking for and the results of our check. If you see anything other than 0's, BE CAREFUL on that website! Avoid it if you can and be very cautious if you can't. One very important thing to note is that if we found 0 vulnerabilities, that does not necessarily mean they don't exist, it just means that we haven't found any yet. We're here to help but your most important tool is always your own best judgement

If you are new to web security, this probably looks like a bunch of nonsense, but these are abbreviations for the vulnerabilities that we're checking for. You can read about each one in layman's terms at the links below, but you don't really need to know the details if you're just a casual user, the above information should be enough to get you started. If you're curious, however, feel free to read on!

...

I still have more questions

No problem! Just email us at punkspider@hyperiongray.com and ask away. We try to be 're friendly and responsive, so don't be shy!

...