Web Vulnerability Analysis Archives • Cybersecurity News

pphack: The Most Advanced Client-Side Prototype Pollution Scanner

do son April 26, 2024

pphack pphack is a CLI tool for scanning websites for client-side prototype pollution vulnerabilities. Feature Fast (concurrent...

SmuggleFuzz: HTTP/2 based downgrade and smuggle scanner HTTP downgrade attack

SmuggleFuzz: HTTP/2 based downgrade and smuggle scanner

do son April 19, 2024

SmuggleFuzz SmuggleFuzz is designed to assist in identifying HTTP downgrade attack vectors. Its standout feature is not...

secator: The pentester’s swiss knife security assessments

secator: The pentester’s swiss knife

do son April 3, 2024

secator secator is a task and workflow runner used for security assessments. It supports dozens of well-known...

OSTE-Meta-Scanner: A comprehensive web vulnerability scanner

do son March 20, 2024

OSTE-Meta-Scanner This project aims to simplify the field of Dynamic Application Security Testing. The OSTE meta scanner...

sicat: an advanced exploit search tool

do son March 9, 2024

SiCat – The useful exploit finder SiCat is an advanced exploit search tool designed to identify and...

SessionProbe: assist in evaluating user privileges in web applications session token authorization

SessionProbe: assist in evaluating user privileges in web applications

do son March 7, 2024

SessionProbe SessionProbe is a multi-threaded pentesting tool designed to assist in evaluating user privileges in web applications....

sessionless: Burp Suite extension for editing, signing, verifying various signed web tokens Burp Suite extension token

sessionless: Burp Suite extension for editing, signing, verifying various signed web tokens

do son February 15, 2024

Sessionless Sessionless is a Burp Suite extension for editing, signing, verifying, and attacking signed tokens: Django TimestampSigner, ItsDangerous...

TInjA: CLI tool for testing web pages for template injection vulnerabilities

do son February 13, 2024

TInjA – the Template INJection Analyzer TInjA is a CLI tool for testing web pages for template injection vulnerabilities....

XnlReveal: Chrome browser extension to show alerts for relfected query params, show hidden elements Chrome extension Wayback Archive

XnlReveal: Chrome browser extension to show alerts for relfected query params, show hidden elements

do son January 21, 2024

XnlReveal This is a Chrome Extension that can do the following: Show an alert for any query parameters that...

SBSCAN: penetration testing tool specifically designed for the Spring framework Spring framework penetration testing

SBSCAN: penetration testing tool specifically designed for the Spring framework

do son January 17, 2024

SBSCAN SBSCAN is a penetration testing tool specifically designed for the Spring framework, capable of scanning specified...

FlowMate: BurpSuite extension that brings taint analysis to web applications

do son January 14, 2024

FlowMate Have you ever wondered how to consider all input-to-output correlations of a web application during a...

BypassFuzzer: Fuzz 401/403/404 pages for bypasses 404 bypasses

BypassFuzzer: Fuzz 401/403/404 pages for bypasses

do son January 10, 2024

Bypass Fuzzer Fuzz 401/403ing endpoints for bypasses This tool performs various checks via headers, path normalization, verbs,...

kanha: A web-app pentesting suite written in Rust

do son January 10, 2024

kanha Kanha is a tool that can help you perform, a variety of attacks based on the...

dummy: Generator of static files for testing file upload

do son January 9, 2024

dummy Generator of static files for testing file upload functionality. When generating a png, as in the...

VulnMapAI: Revolutionizing Vulnerability Reports with GPT-4 and Nmap GPT-4 Vulnerability

VulnMapAI: Revolutionizing Vulnerability Reports with GPT-4 and Nmap

do son January 9, 2024

VulnMapAI VulnMapAI combines the power of Nmap’s detailed network scanning and the advanced natural language processing capabilities...