BlindElephant is a tool that helps security professionals and systems administrators identify everything running on their servers, including any web applications users may have downloaded. It doesn't check for vulnerabilities or vulnerability to a particular exploit, but rather what version of applications are running on their site.
For each application that the tool will support, BlindElephant consumes a number of version directories. All files and directories are processed, and a hash is computed for each file. This hash is stored in a temporary table, along with the path and version of the application it came from. Accuracy of the tool was demonstrated by a large-scale survey on Internet-visible hosts.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.