Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Current »

What's going on here, how do I use this?

The idea behind PunkSPIDER is very simple - we're doing a bunch of complicated stuff to find insecurities in websites. This search engine, just provides a simple way for you to search if a website that you use or own has a vulnerability in it. There's just a few things that you need to know to get started.

Why should I care?

Vulnerabilities in websites can be devastating to you, the user. If a website is storing your sensitive information, a single vulnerability could potentially cause this information to be stolen. For sites that aren't storing your information, they can be riddled with malware or other nasty things - these websites should be avoided.

Searching for stuff

Searching for stuff is easy. In most cases, just type in a part of a URL like google when searching for google.com or hyperiongray when searching for websites in the domain of hyperiongray.com. If you need more advanced search help check out this link here.

OK, I found the website I want, what now? How do I use this information?

Let's do an example together. Let's say you're worried that Hyperion Gray's website has a vulnerability. The website is located at http://www.hyperiongray.com. So you've typed in hyperiongray in the search bar and come back with this:

 

Hyperion Gray, LLC

 http://www.hyperiongray.com/
 Timestamp: Mon Jan 21 04:26:03 GMT 2013 
 BSQLI:0 | SQLI:0 | XSS:0

 

The three numbers below the Timestamp field show 3 types of vulnerabilities. For most purposes the general rule of thumb is to avoid websites where the BSQLI or SQLI number is greater than 0 and be very wary of websites with XSS greater than 0. These letters represent three types of vulnerabilities and the numbers next to them represent the number of each type of vulnerability found by our scanner. You can read more about each one here:

One thing to note that is extremely important is that if we found 0 vulnerabilities, that does not necessarily mean they don't exist, just that we haven't found any. This should be enough to get you started using PunkSPIDER effectively, it's that simple!

I still have more questions

No problem! Just email us at punkspider@hyperiongray.com and ask away. We try to be friendly and responsive, so don't be shy!

 

  • No labels