Pybelt: The hackers tool belt
Pybelt is an open source hacker tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking...
Tagged: sqli
sqlmap v1.2.4 release – fix bugs: Automatic SQL injection and database takeover tool
Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche...
Vulny-Code-Static-Analysis: detect vulnerabilities into a PHP source code
PHP_Code_Static_Analysis A basic script to detect vulnerabilities into a PHP source code Currently detecting : SQL injection Local File Inclusion Insecure emails Cross Site Scripting Remote Commands Execution LDAP injection XPATH injection Header injection...
libinjection fuzzer: fuzz MariaDB/MSSQL/MySQL/PostgreSQL/Oracle database query to find libinjection bypasses
libinjection is a library that parses parameter value to SQL elements (tokens) and checks if tokens combination (fingerprint) is familiar to SQL-injection attack. This library has high performance and is commonly used by WAF/NGFW...
[Collection] Some good Vulnerable Web application Lab for PenTester
WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by...
V3n0M-Scanner v425 releases: SQLi/XSS/LFI/RFI vulnerabilities scanning
V3n0M is a free and open source scanner. Evolved from Baltazar’s scanner, it has adopted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and...
RED HAWK: All in one tool for Information Gathering, Vulnerability Scanning and Crawling
RED HAWK All in one tool for Information Gathering and Vulnerability Scanning Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois...
python gdork sqli: Automatically Finding and Exploiting SQL injection
Find SQL injections This python script is developed to show, how many vulnerable websites, which are laying around on the web. The main focus of the script is to generate a list of vuln...
SQLmap tamper script for bypassing WAF
Tamper injection data Option: –tamper sqlmap itself does no obfuscation of the payload sent, except for strings between single quotes replaced by their CHAR()-alike representation. This option can be very useful and powerful in situations where...
Report: WordPress Plugin and Theme Vulnerabilities in 2017
According to securityaffairs, January 23 news, security researchers recently released WordPress plugin and theme of vulnerability statistics in 2017, these data from the latest WordPress Vulnerability Database ThreatPress. It is reported that ThreatPress is currently monitoring...
