The Top 8 Burp Suite Extensions
Burp Suite is an integrated platform for attacking web applications. It contains a number of tools, and for these tools to design a number of interfaces to accelerate the process...
Category: Web Exploitation
Finding and exploiting Cross-site request forgery (CSRF)
Introduce Cross-site request forgery [CSRF], also known as a one-click attack or session riding or Sea-Surf and abbreviated as CSRF or XSRF, is a type of malicious attack exploit of...
Penetration Testing in the Real World
A penetration test (pentest for short) is a method of attacking a computer’s systems in the hope of finding weaknesses in its security. If the pentest successfully gains access, it...
Penetration-Testing-Toolkit: A web interface to automate Penetration Testing
Penetration Testing Toolkit A web interface to automate Scanning, Generating metasploit payload, Network Testing,Exploring CMS,Information Gathering,DNS Queries,IP Tools,Domain tools and much more. Features Includes web interface for different tools for...
Using sqlmap with Google Dork for exploiting sql injection
Introduction sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a...
Using BurpSuite with TOR for Anonymously Penetration Testing
Introduction The Tor Browser is the official web browser of the Tor Project. Its design focuses on allowing the user to browse the web with a high level of anonymity....
Sql injection Attacks & Defense
SQL injection is through the SQL command into the Web form submit or enter the domain name query string or page request, and ultimately to deceive the server to execute...
Metasploitable3: Exploiting Axis2 vulerability
Introduction Apache Axis2™ is a Web Services / SOAP / WSDL engine, the successor to the widely used Apache Axis SOAP stack. There are two implementations of the Apache Axis2...
DSJS: JavaScript library vulnerability scanner
Damn Small JS Scanner (DSJS) is a fully functional JavaScript library vulnerability scanner written in under 100 lines of code. It has to be noted that it is a derivative...
Command injection Vulnerability
Command Injection is submitted by malicious parameters of the structure of the destruction of command structure, so as to achieve the purpose of the implementation of malicious commands. PHP command...
