Security Training Share
SQL injection attack consists of insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify...
Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche...
Tamper injection data Option: –tamper sqlmap itself does no obfuscation of the payload sent, except for strings between single quotes replaced by their CHAR()-alike representation. This option can be very useful and powerful in situations where...
WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However,...
0d1n Web security tool to make fuzzing at HTTP 0d1n is an Open Source web application bruteforcer and Fuzzer, its objective is to automate exhaustive tests to search anomalies. At another point of view,...
Blisqy Blisqy is a tool to aid Web Security researchers to find Time-based Blind SQL injection on HTTP Headers and also exploitation of the same vulnerability. The exploitation enables slow data siphon from a...
SQLiScanner Automatic SQL injection with Charles and sqlmapapi Installation Preferably, you can download SQLiScanner by cloning the Git repository: git clone https://github.com/0xbug/SQLiScanner.git –depth 1 You can download sqlmap by cloning the Git repository: git...
Pybelt is an open source hacker tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking...
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as...
PHP_Code_Static_Analysis A basic script to detect vulnerabilities into a PHP source code Currently detecting : SQL injection Local File Inclusion Insecure emails Cross Site Scripting Remote Commands Execution LDAP injection XPATH injection Header injection...
libinjection is a library that parses parameter value to SQL elements (tokens) and checks if tokens combination (fingerprint) is familiar to SQL-injection attack. This library has high performance and is commonly used by WAF/NGFW...
WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by...
V3n0M is a free and open source scanner. Evolved from Baltazar’s scanner, it has adopted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and...
RED HAWK All in one tool for Information Gathering and Vulnerability Scanning Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois...
Linux news