Comments on: HttpBee – Web Application Hacking Toolkit

By: Kartoos

Kartoos — Wed, 09 Jul 2008 09:28:45 +0000

Sandeep, you are dumb. One can post anything in this profile with all fake details.

By: Sandeep Nain

Sandeep Nain — Wed, 31 Oct 2007 01:36:51 +0000

@fazed, its sad that police took away your machine.

Also, if you don’t want your hidden HDD to be found out, i don’t think its a good idea to declare about your HDD on public forums.

By: Wagner Elias - Think Security First » links for 2007-10-30

Wagner Elias - Think Security First » links for 2007-10-30 — Wed, 31 Oct 2007 01:22:29 +0000

[...] HttpBee – Web Application Hacking Toolkit | Darknet – The Darkside Kit de ferramentas para hacking em aplicações web baseado em Lua. (tags: hacking Tools) [...]

By: fazed

fazed — Tue, 30 Oct 2007 17:37:29 +0000

I worked on a whole web attack kit
for a while, then the police came and
seized my computer and disks and are in
the process of whiping the hard drive,
lets hope they dont discover the disconnected
mini-hard drive inside the computer I use to make
backups onto.. I’ll release it soon if they don’t..

By: dre

dre — Thu, 25 Oct 2007 01:04:17 +0000

i wonder how this compares to w3af or wfuzz. with the release of technika 1.3, the portswigger book (and new burp features) – i am really going back to my roots with these types of webapp vulnerability assessment tools. now i can remove greasemonkey and start using technika for everything internal to the browser… and use burp for anything that should be external

i also really like how cenzic hailstorm supports modification of its internals with javascript, as well as supporting xpath for configuration of custom crawls (like squish, selenium, and pmd do). combined with fortifysoftware tracer and immunitysec’s sql hooker (plus possibly jdbc spy, filemon, and similar tools) – you can really do web application full-knowledge assessments almost better than doing code review