WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However,...
Web Vulnerability Analysis / WebApp PenTest
by do son · Published March 25, 2019 · Last modified March 24, 2019
Blisqy Blisqy is a tool to aid Web Security researchers to find Time-based Blind SQL injection on HTTP Headers and also exploitation of the same vulnerability. The exploitation enables slow data siphon from a...
Web Vulnerability Analysis / WebApp PenTest
by do son · Published December 3, 2018 · Last modified December 23, 2018
SQLiScanner Automatic SQL injection with Charles and sqlmapapi Installation Preferably, you can download SQLiScanner by cloning the Git repository: git clone https://github.com/0xbug/SQLiScanner.git –depth 1 You can download sqlmap by cloning the Git repository: git...
Pybelt is an open source hacker tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking...
Web Vulnerability Analysis / WebApp PenTest
by do son · Published July 12, 2017 · Last modified May 8, 2018
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as...
Web Vulnerability Analysis / WebApp PenTest
by do son · Published August 7, 2017 · Last modified March 25, 2018
PHP_Code_Static_Analysis A basic script to detect vulnerabilities into a PHP source code Currently detecting : SQL injection Local File Inclusion Insecure emails Cross Site Scripting Remote Commands Execution LDAP injection XPATH injection Header injection...
libinjection is a library that parses parameter value to SQL elements (tokens) and checks if tokens combination (fingerprint) is familiar to SQL-injection attack. This library has high performance and is commonly used by WAF/NGFW...
Web Exploitation / Web Vulnerability Analysis / WebApp PenTest
by do son · Published June 24, 2017 · Last modified February 24, 2018
WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by...
Web Exploitation / Web Vulnerability Analysis / WebApp PenTest
by do son · Published May 19, 2017 · Last modified February 16, 2018
Find SQL injections This python script is developed to show, how many vulnerable websites, which are laying around on the web. The main focus of the script is to generate a list of vuln...
According to securityaffairs, January 23 news, security researchers recently released WordPress plugin and theme of vulnerability statistics in 2017, these data from the latest WordPress Vulnerability Database ThreatPress. It is reported that ThreatPress is currently monitoring...
