Archive | Web Hacking




Shadow Daemon – Web Application Firewall

Shadow Daemon is a collection of tools to detect, protocol and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability. Shadow Daemon is easy […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

OWASP Zed Attack Proxy – Integrated Penetration Testing Tool

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Web Security Dojo 2.0 – Self-Contained Web Hacking Training

Web Security Dojo is a free open-source self-contained web hacking training environment for Web Application Security penetration testing. Tools + Targets = Dojo What? Various web application security testing tools and vulnerable web applications were added to a clean install of xubuntu 12.04. Build scripts are available in git at Sourceforge. Targets include: OWASP’s WebGoat […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Plecost – WordPress Fingerprinting Tool

Plecost is a WordPress fingerprinting tool, it can search and retrieve information about the plug-in versions installed in a WordPress installation. It can be used to analyse a single URL or perform an analysis based on the results indexed by Google. Additionally it also displays the CVE code associated with each plug-in vulnerability, if any […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

InstaRecon – Automated Subdomain Discovery Tool

InstaRecon is an automated basic digital reconnaissance tool which is great for getting an initial footprint of your targets and discovering additional subdomains. In basic terms, it’s an automated subdomain discovery tool for the information gathering phase of penetration tests. There are other tools which cover some parts of the InstaRecon functionality such as: – […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Web Hacking | Add a Comment

Wapiti – Web Application Vulnerability Scanner v2.3.0

Wapiti is a web application vulnerability scanner, it allows you to audit the security of your web applications. It performs “black-box” scans, i.e. it does not study the source code of the application but will scans the web pages of the deployed web application, looking for scripts and forms where it can inject data. Once […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

WordPress Critical Zero-Day Vulnerability Fixed In A Hurry

So this is an interesting announcement due to the discussion points it brings up about responsible disclosure, it seems like in this case a researcher published his findings about a WordPress critical zero-day vulnerability without informing WordPress before hand. And they got it fixed REAL quickly, where as in a previous (pretty similar) case – […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

SamuraiWTF 3.x And Onwards – Web Testing Framework Linux LiveCD

The Samurai Web Testing Framework (AKA SamuraiWTF) is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, the authors have based the tool selection on the […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Linux Hacking, Web Hacking | Add a Comment

Watcher – Passive Web Application Vulnerability Scanner

Ever find yourself looking for that show-stopper exploit in a Web-app, and forgetting to check out all the low-hanging fruit? That’s initially why the authors created Watcher – a passive web application vulnerability scanner. For one thing, you don’t want to manually inspect a Web-app for many of these issues (cookie settings, SSL configuration, information […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Commix – Command Injection Attack Tool

Commix (short for [comm]and [i]njection e[x]ploiter) has a simple environment and it can be used by web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this command injection attack tool, it is very easy to find […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·