Web Exploitation / WebApp PenTest
by do son · Published July 4, 2017 · Last modified January 29, 2023
Add headers to all Burp requests to bypass some WAF products. This extension will automatically add the following headers to all requests. Features Users can modify the X-Originating-IP, X-Forwarded-For, X-Remote-IP, X-Remote-Addr headers sent in...
hasherbasher This is a tool used to help exploit poorly designed authentication systems by locating ASCII strings that when MD5 hashed, result in raw bytes that could change SQL logic. You can also check...
Forensics / Information Gathering / Metasploit / Network PenTest / Vulnerability Analysis / Web Exploitation / Web Information Gathering / Web Vulnerability Analysis / WebApp PenTest
by do son · Published May 19, 2017 · Last modified November 20, 2022
We have filled the world of hackers with infinite fantasy and fear, but with the rise of technology and security in the field of progress, hacking technology has become increasingly common. In fact, network...
Web Exploitation / Web Vulnerability Analysis
by do son · Published March 12, 2021 · Last modified October 25, 2022
Mole A framework for identifying and exploiting out-of-band application vulnerabilities. Installation & Setup Mole Install Python >= 3.6 git clone https://github.com/ztgrace/mole.git virtualenv -p /usr/bin/python3 venv source venv/bin/activate ./venv/bin/pip3 install -r requirements.txt git submodule update...
Exploitation / Information Gathering / Web Exploitation / Web Information Gathering
by do son · Published June 6, 2019 · Last modified October 25, 2022
shodansploit Shodan is a search engine on the internet where you can find interesting things all over the world. For example, we can find cameras, bitcoin streams, zombie computers, ports with weakness in service,...
Web Exploitation / Web Vulnerability Analysis / WebApp PenTest
by do son · Published February 23, 2018 · Last modified October 25, 2022
sqlmapchik sqlmapchik is a cross-platform sqlmap GUI for the popular sqlmap tool. It is primarily aimed to be used on mobile devices (currently Android is supported). Installation (easy) The easiest way to install sqlmapchik...
Programming / Web Exploitation / Web Vulnerability Analysis
by do son · Published February 1, 2018 · Last modified October 25, 2022
PHP Vulnerability Hunter is an advanced whitebox PHP web application fuzzer that scans for several different classes of vulnerabilities via static and dynamic analysis. By instrumenting application code, PHP Vulnerability Hunter is able to...
Web Exploitation / WebApp PenTest
by do son · Published July 31, 2017 · Last modified October 25, 2022
What is CVE-2016-0792? Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and...
SQLiDetector Simple python script supported with BurpBouty profile that helps you to detect SQL injection “Error based” by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases. The...
Web Exploitation / WebApp PenTest
by do son · Published June 29, 2017 · Last modified September 10, 2022
User Agent: sometimes abbreviated as UA, the user agent is a browser text string that is given to each website you visit; containing information such as the browser version, compatibility, operating system, and any...
