Web Exploitation / Web Vulnerability Analysis
by do son · Published May 6, 2021 · Last modified September 18, 2023
interactsh Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example – Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction support...
Session Hijacking Visual Exploitation Session Hijacking Visual Exploitation is a tool that allows for the hijacking of user sessions by injecting malicious JavaScript code. Installation Prerequisites To run Session Hijacking Visual Exploitation, you will...
HTMLSmuggler HTMLSmuggler – JS payload generator for IDS bypass and payload delivery via HTML smuggling. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls and intrusion detection systems,...
Web Exploitation / Web Vulnerability Analysis
by ddos-admin · Published August 2, 2019 · Last modified September 5, 2023
Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for...
Web Exploitation / Web Vulnerability Analysis
by do son · Published October 12, 2022 · Last modified August 27, 2023
Ghauri An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws Features Supports the following types of injection payloads: Boolean based. Error Based Time-Based Stacked Queries Support SQL...
Web Exploitation / Web Vulnerability Analysis
by do son · Published August 30, 2019 · Last modified August 24, 2023
Tamper injection data Option: –tamper sqlmap itself does no obfuscation of the payload sent, except for strings between single quotes replaced by their CHAR()-alike representation. More information about programming you can find on Thoughtsoncloud. This option...
Web Exploitation / Web Vulnerability Analysis
by do son · Published June 26, 2019 · Last modified August 14, 2023
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications...
Cross-site scripting (XSS) is a type of computer security vulnerability that is normally present in web applications. XSS allows attackers to implement client scripts on web pages viewed by other users. Vulnerability XSS can...
JNDI-Injection-Exploit-Plus JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and providing background services by starting the RMI server, LDAP server, and HTTP server. Using this tool allows you to get JNDI links, you can...
XSS Exploitation Tool It is a penetration testing tool that focuses on the exploitation of Cross-Site Scripting vulnerabilities. This tool is only for educational purpose, do not use it against real environment Features Technical...
