Security Training Share
WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a...
testxss PHP tool to test XSS. Note that this is an automated tool, a manual check is still required. Download git clone https://github.com/gwen001/testxss.git Use Usage: php testxss.php [OPTIONS] Options: -h, –help print this help –burp...
Pybelt is an open source hacker tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking...
WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as...
Damn Small XSS Scanner (DSXS) is a fully functional Cross-site scripting vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. As of optional settings, it supports HTTP proxy together...
XssPy is a python tool for finding Cross-Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool...
Shuriken was developed by Shogun Lab as an open source Cross-Site Scripting (XSS) command line utility to aid web security researchers who want to test a list of XSS payloads in a web application....
XSS Tool Overview This tool is an intelligent XSS detection tool that uses human techniques to look for reflected cross-site scripting (XSS) vulnerabilities. Rather than use the same approach as virtually every other reflected...
WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by...
V3n0M is a free and open source scanner. Evolved from Baltazar’s scanner, it has adopted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and...
BruteXSS is a tool written in python simply to find XSS vulnerabilities in the web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI...
Both in the traditional PC Web platform or mobile terminal platform, client-side or server-side, the JavaScript fairly good performance and reflect the rich framework to support, so it as a mainstream development language has...
XSS Radar is a tool that detects parameters and fuzzes them for cross-site scripting vulnerabilities. It’s also the first tool developed by the Bug Bounty Forum community! How do I install it? At present, we’re only supporting the...
xsssniper is a handy xss discovery tool with mass scanning functionalities. What it does is scanning target URL for GET parameters and then inject an XSS payload (Y) into them and parse the response...
