Jan 20, 2014
Self-defined as "a global web application vulnerability search engine" PunkSpider is sort of like a Shodan for web vulns. But not really. But kind of. I played around with the app a bit last year but, the recent maturity has certainly got my attention again. I caught some of the demos at the end of the SchmooCon 2014 LiveStream and had a some lulz at the VNC pwnage. #PunkSpider hyperiongray
Oh and just a heads up, unless enough people harass DotSlashPunk on Twitter, the PunkSpider webapp does not scan .gov and .mil TLDs. You'll have to setup your own Hadoop cluster and install PunkScan for that.
Only one question remains: