What is Naxsi? NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing...
WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a...
XSS, cross-site scripting is a vulnerability that allows an attacker to insert malicious code (JavaScript) into a website script. Once a script has been found to be vulnerable the attacker can e-mail or post a link...
XSScope Go beyond the alert XSScope is one of the most advanced GUI Frameworks for XSS Client-side attacks. It can perform different XSS attacks and HTML Injections in real-time. Features Perform XSS botnet attack(s)....
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication. The flow of the application is similar to DVWA. You will find more vulnerabilities than the...
APSoft Webscanner Version 2 Powerful dork searcher and vulnerability scanner for windows platform What can I do with this? with this software, you will be able to search your dorks in supported search engines and...
XSS Attack is the principle of the attacker will be malicious code implanted into the page, resulting in the user browsing the page will be in the trick! XSS can: Steal user, administrator session to...
XSpear XSpear is XSS Scanner on ruby gems Key features Pattern matching based XSS scanning Detect alert confirm prompt event on headless browser (with Selenium) Testing request/response for XSS protection bypass and reflected(or all) params Reflected Params All...
Extended XSS Searcher and Finder This is the extended version based on the initial idea already published as “xssfinder”. This private version allows an attacker to perform not only GET but also POST requests....
WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However,...
