Category: Web Exploitation
Galileo – Web Application Audit Framework Galileo is an open source penetration testing tool for web applications, which helps developers and penetration testers identify and exploit vulnerabilities in their...
TheDoc is a simple but very useful SQLMAP Automator with built-in admin finder, hash cracker (using hashcat) and more! Abilities: Counts total injections tried. Crawls given domain for vulnerabilities. Extracts Database...
XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false-positive results using fuzzy matching. XSStrike is the first XSS scanner to generate its...
msf-autopwn Performs or reads a Nmap scan then automatically exploits machines that contain some of the most common vulnerabilities. Installation This install is only tested on Kali. Clone into the...
sqlmapchik sqlmapchik is a cross-platform sqlmap GUI for the popular sqlmap tool. It is primarily aimed to be used on mobile devices (currently Android is supported). Installation (easy) The easiest...
SnappingTurtle aims to be the Swiss Army Knife of web exploitation. That is to say, it is compact because it’s comprised of a single Python script and intended to exploit...
DAVScan is a quick and lightweight WebDAV scanner designed to discover hidden files and folders on DAV-enabled web servers. The scanner works by taking advantage of overly privileged/misconfigured WebDAV servers...
Blind SQL Injection via Bitshifting This is a module that performs blind SQL injection by using the bitshifting method to calculate characters instead of guessing them. It requires 7/8 requests per character,...
NoSQLAttack is an open source Python tool to automate exposing MongoDB server IPs on the internet and disclosing the database data through MongoDB default configuration weaknesses and injection attacks. Presently,...
What is DarkSpiritz? Created by the SecTel Team, it was a project of one of the owners to update and clean up an older pentesting framework he had created to something...
Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either...
PHP Vulnerability Hunter is an advanced whitebox PHP web application fuzzer that scans for several different classes of vulnerabilities via static and dynamic analysis. By instrumenting application code, PHP Vulnerability...
Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real-world web service vulnerabilities. The aim of this project...
SQLi-Hunter SQLi-Hunter is a simple HTTP proxy server and a sqlmap API wrapper that makes digging for SQLi easy. Installation Requirement Ruby: > 2.0.0 sqlmap Install via source code git clone...
hackUtils It is a hacking toolkit for pentest and web security research, which is based on BeautifulSoup bs4 module. Feature Add exploit module for Joomla 1.5 – 3.4.5 – Object...