Yaptest v0.0.4 Released

Usernames and passwords found during testing are now automatically entered into the credentials database (e.g. windows usernames from SNMP or RID cycling, passwords guessed by hydra).  Yaptest is now also able to call John the Ripper to crack password hashes from the credentials database that haven’t already been cracked.  I’ve update the Managing Login Credentails with Yaptest page with full details.

yaptest-icmp.pl has been added to query the database about hosts that respond to various types of ICMP.  yaptest-ports.pl can now search on nmap service type and nmap service version so you can easily search for all HTTP servers or all Apache servers for example.

The new version of yaptest doesn’t rely on environment variable so much for configuration options – this wouldn’t port to Windows too well.  Setting up a new test is therefore done slightly differently now.  Check out the updated Yaptest User Guide and Yaptest Installation pages.

Also check out the full CHANGELOG .

Leave a Reply