WebApp PenTest Archives • Page 13 of 37 • Cybersecurity News

MITM Intercept: intercept and modify non-HTTP protocols through Burp & others

do son June 1, 2022

MITM Intercept A little bit less hackish way to intercept and modify non-HTTP protocols through Burp and...

haxunit: combines active & passive subdomain enumeration tools and port scanning tools with vulnerability discovery tools

do son May 30, 2022

haxunit HaxUnit combines multiple active and passive subdomain enumeration tools and port scanning tools with vulnerability discovery...

hakoriginfinder: discovering the origin host behind a reverse proxy Screenshot 2022-05-14 013129

hakoriginfinder: discovering the origin host behind a reverse proxy

do son May 28, 2022

hakoriginfinder Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other...

CRLFsuite v2.5.2 releases: Fast CRLF injection scanning tool

do son May 26, 2022

CRLFsuite CRLFsuite is a fast tool specially designed to scan CRLF injection. Features ✔️ Single URL scanning ✔️ Multiple...

Jeeves: looking to Time-Based Blind SQLInjection through recon

do son May 25, 2022

Jeeves Jeeves is made for looking to Time-Based Blind SQLInjection through recon. Install > go install github.com/ferreiraklet/Jeeves@latest...

EV: IDS Evasion via TCP/IP Packet Manipulation

do son May 18, 2022

EV: IDS Evasion via TCP/IP Packet Manipulation EV is a tool that allows you to craft TCP...

recheck v4.5 beta4 releases: The trustworthy ReDoS checker check ReDoS vulnerability

recheck v4.5 beta4 releases: The trustworthy ReDoS checker

do son May 17, 2022

What is ReDoS vulnerability? A regular expression is the most known text processing utility for programmers. There...

pocsploit: open source PoC verification framework

do son May 16, 2022

pocsploit pocsploit is a lightweight, flexible, and novel open-source poc verification framework. Pain points of the POC...

RedDrop: web server for capturing and processing encoded and encrypted payloads Web Server for Penetration Testers

RedDrop: web server for capturing and processing encoded and encrypted payloads

do son May 11, 2022

RedDrop Exfil Server RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers, Red Teamers,...

infoooze v1.1.9 releases: Open-source intelligence (OSINT) tool in NodeJs OSINT nodejs

infoooze v1.1.9 releases: Open-source intelligence (OSINT) tool in NodeJs

do son May 9, 2022

Infoooze Infoooze is an Information collection tool (OSINT) in NodeJs. It provides various modules that allow efficient...

reposaur v0.7.1 releases: Audit your GitHub data using custom policies Audit GitHub data

reposaur v0.7.1 releases: Audit your GitHub data using custom policies

do son May 8, 2022

Reposaur Reposaur allows users and organizations to execute policies against GitHub data to generate reports, perform auditing,...

Local PHP Security Checker v2.0.6 releases: checks if your PHP application depends on PHP packages with known security vulnerabilities PHP security vulnerabilities checker

Local PHP Security Checker v2.0.6 releases: checks if your PHP application depends on PHP packages with known security vulnerabilities

do son May 3, 2022

Local PHP Security Checker The Local PHP Security Checker is a command-line tool that checks if your...

skanuvaty: Dangerously fast dns/network/port scanner

do son May 1, 2022

Skanuvaty Dangerously fast dns/network/port scanner, all-in-one. Start with a domain, and we’ll find everything about it. Features:...

Jbin v2.0 releases: gather all the URLs from the website website secret scraper

Jbin v2.0 releases: gather all the URLs from the website

do son April 27, 2022

Jbin website secret scraper Jbin will gather all the URLs from the website and then it will...

Dome: active and/or passive scans to obtain subdomains and search for open ports

do son April 26, 2022

DOME – A subdomain enumeration tool Dome is a fast and reliable python script that makes active...