php-reaper: PHP tool to scan ADOdb code for SQL Injections
PHP-Reaper PHP tool to scan ADOdb code for SQL Injections Why The main idea is to be able to detect problems as early as possible when the code is fresh in your...
PHP-Reaper PHP tool to scan ADOdb code for SQL Injections Why The main idea is to be able to detect problems as early as possible when the code is fresh in your...
Programming / Web Exploitation / Web Vulnerability Analysis
by do son · Published February 1, 2018 · Last modified December 16, 2024
PHP Vulnerability Hunter is an advanced whitebox PHP web application fuzzer that scans for several different classes of vulnerabilities via static and dynamic analysis. By instrumenting application code, PHP Vulnerability...
cutelog – GUI for Python’s logging module This is a graphical log viewer for Python‘s standard logging module. It can be targeted with a SocketHandler with no additional setup. The...
Simcoin – A Blockchain Simulation Framework 🏗️ Simcoin facilitates realistic simulations of blockchain networks (currently Bitcoin only). The network is virtualized by the simulation software on one single Unix host machine....
Programming / Web Vulnerability Analysis / WebApp PenTest
by do son · Published January 1, 2018 · Last modified December 16, 2024
Web Application Protection (WAP) is a tool to detect and correct input validation vulnerabilities in web applications written in PHP and predicts false positives. The tool combines source code static...
Programming / Web Vulnerability Analysis
by do son · Published October 18, 2017 · Last modified November 4, 2024
PHP Secure Configuration Checker Check current PHP configuration for potential security flaws. Simply access this file from your web server or run on CLI. Author This software was written by...
I am going to make a web crawler that will login to a school website using my credentials and then crawl certain parts of the site. I am using the...
clrinject Injects C# EXE or DLL Assembly into any CLR runtime and AppDomain of another process. The injected assembly can then access static instances of the injection process’s classes and...
pyrasite – Inject code into running Python processes Compatibility Pyrasite works with Python 2.4 and newer. Injection works between versions as well, so you can run Pyrasite under Python 3 and...
Py2ExeDecompiler Decompiles Exe created by Py2Exe using uncompyle6 for both python 2 and 3. Contact: Amanda Rousseau (@malwareunicorn) Download the release here Requirements: Python 2.7, required for 2.7 py2exe binaries...
Taint php extension used to detect XSS codes(tainted string), And also can be used to spot sql injection vulnerabilities, shell inject, etc. The idea is from https://wiki.php.net/rfc/taint, I implemented it in...
X86 Shellcode Obfuscator This is a WIP tool that performs shellcode obfuscation in x86 instruction set. If you want to learn more, check out my blog where I explain how it works:...
Maintaining Access / Network PenTest / Post Exploitation / Programming
by do son · Published August 21, 2017 · Last modified May 1, 2024
covertutils A framework for Backdoor programming! Documentation Page Blog Post in Securosophy describing some internals What is it? This python package automatically handles all communication channel options, like encryption, chunking, steganography, etc. With...
Static program analysis is the analysis of computer software that is performed without actually executing programs (analysis performed on executing programs is known as dynamic analysis).[1] In most cases the analysis is performed on some...
Programming / Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published August 10, 2017
Static program analysis is the analysis of computer software that is performed without actually executing programs (analysis performed on executing programs is known as dynamic analysis).[1] In most cases the analysis is performed on some...