Web Checks - 126 Checks
***********************
Web service is running
Misc Evaluate web service software
Misc MS Proxy Server
Misc Remote IIS administration
Misc Oracle owa_util package
Execute Commands msadc
Execute Commands campas
Execute Commands jj
Execute Commands formmail
Execute Commands formmail.pl
Execute Commands faxsurvey
Execute Commands get32.exe
Execute Commands alibaba.pl
Execute Commands tst.bat
Execute Commands phf
Execute Commands webdist.cgi
Execute Commands aglimpse.cgi
Execute Commands echo.bat
Execute Commands hello.bat
Execute Commands loadpage.cgi
Execute Commands Oracle Bat files
View files iissamples/issamples/query.idq
View files iissamples/issamples/fastq.idq
View files iissamples/exair/search/search.idq
View files iissamples/exair/search/query.idq
View files prxdocs/misc/prxrch.idq
View files iissamples/issamples/oop/qfullhit.htw
View files iissamples/issamples/oop/qsumrhit.htw
View files scripts/samples/search/qfullhit.htw
View files scripts/samples/search/qsumrhit.htw
View files Webhits
View files scripts/samples/search/author.idq
View files scripts/samples/search/filesize.idq
View files scripts/samples/search/filetime.idq
View files scripts/samples/search/query.idq
View files scripts/samples/search/queryhit.idq
View files scripts/samples/search/simple.idq
View files scripts/samples/search/filesize.idq
View files scripts/samples/search/filetime.idq
View files scripts/samples/search/query.idq
View files scripts/samples/search/queryhit.idq
View files scripts/samples/search/simple.idq
View files scripts/samples/search/qfullhit.htw
View files scripts/samples/search/qsumrhit.htw
View files scripts/samples/search/webhits.exe
View files iissamples/exair/howitworks/codebrws.asp
View files msadc/samples/selector/showcode.asp
View files scripts/rguest.exe
View files cgi-bin/rguest.exe
View files scripts/wguest.exe
View files cgi-bin/wguest.exe
View files Search admin webhits.exe
View files view-source
View files ~root
View files ~ftp
View files FormHandler.cgi
View files AltaVista query
View files search.cgi (EZSHOPPER)
View files htsearch
View files sojourn.cgi
View files windmail
Information cfcache.map
Information idc reveals physical paths
Information bdir.htr
Information server-info
Information server-status
Information robots.txt
Information cgi-bin/enivron.pl
Information scripts/environ.pl
Information testcgi
Information test-cgi
Information test.cgi
Information cgitest.exe
Information nph-test-cgi
Information mkilog.exe
Information mkplog.exe
Information cgi-bin/htimage.exe
Information scripts/htimage.exe
Information names.nsf
Information catalog.nsf
Information log.nsf
Information domlog.nsf
Information domcfg.nsf
Information doctodep.btr
FrontPage administrators.pwd
FrontPage authors.pwd
FrontPage users.pwd
FrontPage service.pwd
FrontPage IIS Account shtml.dll
Directory Listing cgi-bin
Directory Listing scripts
Directory Listing Netscape PageService
Shell check cgi-bin/sh
Shell check cgi-bin/csh
Shell check cgi-bin/ksh
Shell check cgi-bin/tcsh
Shell check cgi-bin/cmd.exe
Shell check scripts/cmd.exe
Perl cgi-bin/cmd32.exe
Perl scripts/cmd32.exe
Perl cgi-bin/perl.exe
Perl scripts/perl.exe
Perl Errors reveal info
Create file newdsn.exe
Buffer Overrun fpcount.exe
Buffer Overrun count.cgi
Predictable SessionID rightfax
Search iissamples/issamples/query.asp
Search iissamples/exair/search/advsearch.asp
Search samples/search/queryhit.htm
Search Netscape
Password Attacks iisadmpwd/aexp3.htr
HTTP Methods allowed to root directory
HTTP Methods allowed to /users
HTTP Methods allowed to /cgi-bin
HTTP Methods allowed to /scripts
Create file in /users directory
Create file in /cgi-bin directory
Create file in / directory
Create file in /scripts directory
File Upload repost.asp
File Upload cgi-win/uploader.exe
View Source Netscape append space
View Source shtml.dll
View Source ::$DATA
Configuration .htaccess

SMTP Service - 21 Checks
************************
SMTP service is running
Service software enumeration
EXPN command allowed
VRFY command allowed
VERB command allowed
Mail relaying allowed
Win2k SMTP IIS Service Buffer Overrun
SLMail Buffer Overrun
Exchange Service Packs
Sendmail Wizard
Sendmail debug
Sendmail piped aliases
Mail to programs
Mail from bounce check
Sendmail 8.6.9 IDENT vulnerability
Sendmail 8.6.11 DoS vulnerability
Sendmail 8.7.5 GECOS buffer overrun vulnerability
Sendmail 8.8.0 MIME buffer overrun vulnerability
Sendmail 8.8.3 MIME buffer overrun vulnerability
Decode alias check
Mail forgery

FTP Checks - 7 Checks
*********************
FTP daemon is running
Service Software enumeration
IIS 4 DoS
Anonymous logins allowed
Hidden /c directory found
Uploads allowed to /c
Uploads allowed to root

Portmapper - 2 Checks
*********************
Portmapper is listening
Dump RPC Services running

POP3 Checks - 3 Checks
**********************
POP3 Daemon is running
Service software enumeration
QPOP buffer overrun

MS SQL Server Checks - 19 Checks
********************************
MS SQL Server is running
sa login has no password
Dump logins from master database
login has a blank password
login's password is same as login name
Dump databases
guest account is enabled on database
Dump logins with access to database
Audit database roles in database
Audit members of server-wide sysadmin role
Audit members of server-wide securityadmin role
Audit members of server-wide setupadmin role
Audit members of server-wide serveradmin role
Audit members of server-wide diskadmin role
Audit members of server-wide processadmin role
Audit members of server-wide dbcreator role
Check if SQL Authentication is allowed
Check if Mixed Mode Authentication is allowed
Check if NT Authentication is allowed

NT Accounts - 8 Checks
**********************
Enumerate Account Name
User Full name
User Comment
User Privs
User Last logon
User Last password change
Account has a blank password
Account has password same as userID

NT Shares - 3 Checks
********************
Share Name
Share Type
Null session connection

NT Groups - 2 Checks
********************
Enumerate group names
Enumerate and list members

NT User Mode Service Checks - 12 Checks
***************************************
Enumerate running user mode services
Check binary path
Audit permissions on SCM
Security context
Messenger Service is running
Browser Service is running
Index Service is running
SQL Service is running
Telnet Service is running
RASMAN Service is running
IP RIP Service is running
SNMP Agent Service is running

NT Driver Service Checks - 3 Checks
***********************************
Enumerate running driver services
Check binary path
Audit permissions on SCM

NT Registry Checks - 40 Checks
******************************
Audit permissions on various keys
Check values of various keys and values