On 06/12/2011 10:21 AM Barry Brimer wrote: >>> So my guess is they're fuzzing/scanning for potential weaknesses in >>> jQuery... >> >> For those managing web sites it would be good to acquire such scripts >> and run them in pre-production as system tests. So where do we get >> scripts such as the one run against Jason's site? > > I don't know if this is exactly what you're looking for, but you might > check out Nikto <http://cirt.net/Nikto2> > > Barry That's interesting and useful in its way. But I'd prefer to use the same scripts used by the actual crackers/bots. Not only would I be able to test my sites with them, but I'd be able to recognize the probes/attacks when they appear in logs as they did for Jason.