Category: WebApp PenTest

identYwaf

identYwaf: Blind WAF identification tool

identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads,...

LeakLooker

LeakLooker: Find open databases with Shodan

LeakLooker Find open databases with Shodan. With LeakLooker you can find publicly open MongoDB, CouchDB and Elasticsearch database, it also includes Kibana instances. The script parses results from Shodan, excluding empty and compromised databases....