SecuBat v0.5.0.0

Software Requirements:

- Windows 2000, XP, 2003 or higher
- .NET Framework 2.0 or higher
- MS SQL Server 2000, 2005, Express, MSDE or higher


1.) Install or locate an MS SQL Server (2000, 2005, Express or MSDE) on the network or on the local machine.
2.) Create a database named "SecuBat" in this SQL server.
3.) Create a database user with rights to this database.
4.) Install the database schema by executing the delivered Database\db.sql script against the new database, using MS Query Analyzer or a similar tool.
5.) Copy the SecuBat binaries directory to a directory of your choice on your hard disk.
6.) Modify the SecuBat.exe.config file in your chosen program directory.
6.1.) Configure the connection string named "Connection String" to point to your SQL server.
e.g. "Database=SecuBat;Server=;Integrated Security=false;User=mysecubatuser;Password=mypass"
7.) Start SecuBat by double-clicking SecuBat.exe.
8.) Add the attack plugins of your choice to SecuBat (4 are delivered with SecuBat).
8.1.) Click menu - Tools - Configure Plugins...
8.2.) Click button "Add Plugin..."
8.3.) Choose one of the attack plugins in the binaries directory (recognizable by a "SecuBat.AttackPlugins.*" filename).
8.4.) Repeat step 8.3. for each plugin you want to use.
8.5.) Verify that you have a list of plugins with all rows marked as "Loaded" in the "State" column.
8.6.) Close the plugin window by clicking "Ok".


You can schedule crawling runs to collect targets, attacking runs to attack previously collected targets, or a combined
run that performs both tasks one after the other.

Feel free to explore the features yourself; a more complete tutorial will be released in the coming weeks. ;-)

Known issues:

- If you schedule a crawling run and do not choose a combined run, you have to restart SecuBat before you can
manually select this crawling run for an attacking run.

- The XSS variants report a nonexistent vulnerability if the response page contains the injected string within the <title> tag.

- The "Attack Report" window shows only attacks with an analysis value greater than 0 (indicating a vulnerability).


- You can modify the SecuBat.exe.config file to save the logfile to disk by changing this line:
<publisher mode="on" assembly="Css.Diagnostics.TraceComLib" type="Css.Diagnostics.Publishers.TraceTextFilePublisher" filename="c:\temp\secubat_log.crm" />
The file format is similar to XML (readable in Notepad), but it can also be loaded into Coyote Trace Monitor for more convenient viewing (filtering...):
Coyote Trace Solution:
You can obtain a trial version there, too.
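
For the <title> false positive listed under Known issues, the following is an added example (not part of SecuBat or its plugins): a stand-alone Python check that separates findings whose injected string is reflected only inside <title> from those reflected elsewhere in the response. The function names, the marker value and the sample pages are constructed for illustration.

```python
import re

# The HTML <title> element is parsed as RCDATA: its content is treated as text
# up to the first closing </title>, so markup reflected inside it is not executed.
TITLE_RE = re.compile(r"<title\b[^>]*>(.*?)</title\s*>", re.IGNORECASE | re.DOTALL)

# Constructed sample data (not real scanner output).
MARK = "SBT_MARK_7f3a"
PAGE_TITLE_ONLY = ("<html><head><title>Results for SBT_MARK_7f3a</title></head>"
                   "<body><p>No hits.</p></body></html>")
PAGE_BOTH = ("<html><head><title>Results for SBT_MARK_7f3a</title></head>"
             "<body><p>You searched: SBT_MARK_7f3a</p></body></html>")


def reflection_contexts(html, injected):
    """Return one label per verbatim occurrence of `injected` in `html`:
    'title' if it lies wholly inside a <title> element, otherwise 'other'."""
    if not injected:
        raise ValueError("injected string must not be empty")
    title_spans = [m.span(1) for m in TITLE_RE.finditer(html)]
    labels = []
    start = html.find(injected)
    while start != -1:
        end = start + len(injected)
        # An injected string that itself contains </title> ends the element
        # early, so it is never wholly inside the span and is labelled 'other'.
        inside = any(s <= start and end <= e for s, e in title_spans)
        labels.append("title" if inside else "other")
        start = html.find(injected, start + 1)
    return labels


def triage(html, injected):
    """Classify a reported XSS finding for manual review."""
    labels = reflection_contexts(html, injected)
    if not labels:
        return "not-reflected"
    if all(label == "title" for label in labels):
        return "likely-false-positive"  # matches the known issue above
    return "needs-review"


if __name__ == "__main__":
    print(triage(PAGE_TITLE_ONLY, MARK))  # reflected only in <title>
    print(triage(PAGE_BOTH, MARK))        # also reflected in the body
```
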


This is an alpha version of SecuBat. Bugs and problems can occur; please notify me about them.

Last edited Jan 27, 2010 at 10:04 AM by SvStefan, version 3

