Category: Web Vulnerability Analysis
WordPress Exploit Framework is a Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. Changelog v2.0.1 Changes Add bypass for admin...
CloudJack AWS Route53/CloudFront Vulnerability Assessment Utility CloudJack assesses AWS accounts for subdomain hijacking vulnerabilities as a result of decoupled Route53 and CloudFront configurations. This vulnerability exists if a Route53 alias...
Raccoon Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data,...
Cloud Inquisitor improves the security posture of an AWS footprint through: monitoring AWS objects for ownership attribution, notifying account owners of unowned objects, and subsequently removing unowned AWS objects if...
OWASP JoomScan Project OWASP Joomla! Vulnerability Scanner is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments....
Security Knowledge Framework is an expert system application that uses the OWASP Application Security Verification Standard with detailed code examples (secure coding principles) to help developers in pre-development and post-development...
OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an open source project written in the Perl programming language to detect vBulletin CMS vulnerabilities and analyse them. Why OWASP VBScan? If you want to...
crossdomain Checking for CORS misconfiguration Download git clone https://github.com/dienuet/crossdomain.git Use Scanning a list of domains python corser.py -list_domain ~/aquatone/target.com/urls.txt -origin attacker.com the file is a list of subdomains that results from the aquatone tool...
Spectator Regex based source code scanner that uses git enterprise search interface to find potential security vulnerabilities and automatically create issues in an affected repository. Download git clone https://github.com/cucrisis/spectator.git Usage ...
Red Team Arsenal is a web/network security scanner which has the capability to scan all of a company’s online-facing assets and provide a holistic security view of any security anomalies. It’s a closely linked...
BlackWidow is a Python-based web application spider to gather subdomains, URLs, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to...
shodan-scanner is intended to be a tool to more easily continuously monitor Shodan for relevant hosts using a local database for easier inventory. File description: requirements.txt: Contains Python dependencies essential for...
SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, it will then insert SQLMap identifiers (*) into each parameter where the SQL-esque variables...
testxss PHP tool to test XSS. Note that this is an automated tool; a manual check is still required. Download git clone https://github.com/gwen001/testxss.git Use Usage: php testxss.php [OPTIONS] Options: -h, --help...
phpcs-security-audit phpcs-security-audit is a set of PHP_CodeSniffer rules that find vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rules as well as Drupal 7 specific rules....