jSQL Injection jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open-source, and cross-platform (Windows, Linux, Mac OS X). It is also part of the...
Web Exploitation / Web Vulnerability Analysis
by ddos-admin · Published August 2, 2019 · Last modified October 8, 2023
Sqlmap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for...
Web Exploitation / Web Vulnerability Analysis
by do son · Published August 30, 2019 · Last modified August 24, 2023
Tamper injection data Option: –tamper sqlmap itself does no obfuscation of the payload sent, except for strings between single quotes replaced by their CHAR()-alike representation. More information about programming you can find on Thoughtsoncloud. This option...
Web Exploitation / WebApp PenTest
by do son · Published June 29, 2017 · Last modified September 10, 2022
User Agent: sometimes abbreviated as UA, the user agent is a browser text string that is given to each website you visit; containing information such as the browser version, compatibility, operating system, and any...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published June 29, 2017 · Last modified March 5, 2022
V3n0M is a free and open source scanner. Evolved from Baltazar’s scanner, it has adopted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and...
Totally Insecure Web Application Project (TIWAP) TIWAP is a web security testing lab made using Flask for budding security enthusiasts to learn about various web vulnerabilities. Inspired by DVWA, the contributors have tried their...
Web Information Gathering / Web Vulnerability Analysis / WebApp PenTest
by do son · Published June 12, 2017 · Last modified October 10, 2021
RED HAWK All in one tool for Information Gathering and Vulnerability Scanning Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois...
Web Exploitation / WebApp PenTest
by do son · Published September 1, 2017 · Last modified October 10, 2021
SQL injection attack consists of insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify...
SQLmap POST request injection Sometimes SQL injection attacks are only successful with HTTP post methods. In this post, I am going to demonstrate the easiest way is to deploy a simple sqlmap command. Step...
Web Vulnerability Analysis / WebApp PenTest
by do son · Published November 20, 2017 · Last modified May 25, 2021
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication. The flow of the application is similar to DVWA. You will find more vulnerabilities than the...
