Security Training Share
XSpear XSpear is XSS Scanner on ruby gems Key features Pattern matching based XSS scanning Detect alert confirm prompt event on the headless browser (with Selenium) Testing request/response for XSS protection bypass and reflected params...
WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a...
WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However,...
0d1n Web security tool to make fuzzing at HTTP 0d1n is an Open Source web application bruteforcer and Fuzzer, its objective is to automate exhaustive tests to search anomalies. At another point of view,...
What is Naxsi? NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing...
testxss PHP tool to test XSS. Note that this is an automated tool, a manual check is still required. Download git clone https://github.com/gwen001/testxss.git Use Usage: php testxss.php [OPTIONS] Options: -h, –help print this help –burp...
Pybelt is an open source hacker tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking...
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as...
Damn Small XSS Scanner (DSXS) is a fully functional Cross-site scripting vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. As of optional settings, it supports HTTP proxy together...
XssPy is a python tool for finding Cross-Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool...
Shuriken was developed by Shogun Lab as an open source Cross-Site Scripting (XSS) command line utility to aid web security researchers who want to test a list of XSS payloads in a web application....
XSS Tool Overview This tool is an intelligent XSS detection tool that uses human techniques to look for reflected cross-site scripting (XSS) vulnerabilities. Rather than use the same approach as virtually every other reflected...
WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by...
V3n0M is a free and open source scanner. Evolved from Baltazar’s scanner, it has adopted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and...
