By clicking on the plugin icon from the icons bar, you access the plugin dashboard:
At the time of this writing, two plugins are available:
- Catalog-Scanner: Brute-forces directories/files discovery
- SSL-Checker: Checks if certificate supports strong ciphers (>=128bits)
The Catalog-Scanner is a brute-forcer like Nikto, that automatizes the discovery of *hidden* files/directories.
It is based on two files:
During the SSL Handshake on a new TCP connection between a client and a server, the best supported ciphers is chosen among the list of elligible ciphers. For more information on that process, please refer to this document.
Watobo SSL-Checker plugin shows a list of elligible ciphers for a given SSL connection and checks them. Elligible ciphers appear with the flag true and a background color:
See how to use in lesson 7.