Security Training Share
Pyfiscan is free web-application vulnerability and version scanner and can be used to locate out-dated versions of common web-applications in Linux-servers. Example use case is hosting-providers keeping eye on their users’ installations to keep...
hsecscan A security scanner for HTTP response headers. Installation Requirement: Python 2.x Usage Example Copyright (C) 2015 riramar Source: https://github.com/riramar/
IronWASP — excellent web application advanced security testing platform. It is an open source for testing Web application vulnerabilities. This tool is very simple to use, but if you have python or ruby programming...
WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by...
BruteXSS is a tool written in python simply to find XSS vulnerabilities in the web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI...
WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However,...
A file upload point is an excellent opportunity to execute XSS applications. Many sites have user rights to upload personal data pictures of the upload point, you have a lot of opportunities to find...
WATABO is a security tool for testing web applications. It is intended to enable security professionals to perform efficient (semi-automated) web application security audits. Most important features: WATOBO has Session Management capabilities! You can...
What is a local file inclusion (LFI) vulnerability? LFI allows an attacker to include a file on a server through a browser. When a Web application does not properly filter the input data, there...
Cross-site scripting (XSS) is a common vulnerability in Web vulnerability analysis. In many cases, it was easy to enter without filtering easily, but most of the services analyzed had strong filtering. However, there are...
Cross Site Scripting (Cross Site Scripting, XSS) is a Web application attack in the data output to the page when there is a problem, leading to an attacker can be constructed malicious data displayed...
I would like to talk about arachni, an open source framework among many Web Vulnerability Scanners (WVS). I tested it briefly, and it seems to be usable. Arachni is a feature-full, modular, high-performance Ruby...
Vega is a free web vulnerability diagnostic scanner developed by SUBGRAPH. The UI is also one of my favorite scanners because of its superior performance compared to other WVS that is clean and non-commercial....
Take a deep dive into hacking web sites and web applications using the latest techniques. In this course, we will teach you the top exploits including Cross-site Scripting, Cross-site Request Forgery, and more! You’ll...
