Archive | Web Hacking




PHProxy 0.5 Beta Released – Web HTTP Proxy to Bypass Firewalls

What is PHProxy? PHProxy is a Web HTTP proxy programmed in PHP to bypass firewalls and other proxy restrictions through a Web interface very similar to the popular CGIProxy. School/country/company blocked your favorite Website? Look no further! The server that this script runs on simply acts as a medium that retrives resources for you. The […]

Tags: , , , , , , , ,

Posted in: Security Software, Web Hacking | Add a Comment

Smart Trojan Targets eBay Users

It seems like people that make malware are getting more specific nowadays, the are no longer writing random self-propagating worms or trojans just for the sake of knowledge or notoriety. Far more common nowadays is malware for specific purposes to capture login or banking details for certain sites or organisations. This time it’s a custom […]

Tags: , , , , , , , ,

Posted in: Malware, Web Hacking, Windows Hacking | Add a Comment

FireCAT – Firefox Catalog of Auditing Tools

After the web 2.0 hacking with firefox and its plugins article I wrote some months ago, recently I found a new way to transform firefox in the ultimate pen-testing tool… actually it has been lying in my inbox for days… …new Firefox Framework Map collection of the most useful security oriented extensions. We called the […]

Tags: , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

ObiWaN – Web Server Brute Forcing from Phenoelit

This Phenoelit tool called ObiWaN is written to carry out brute force security testing on Webservers. The idea behind this is webservers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a […]

Tags: , , , , , , , , , ,

Posted in: Hacking Tools, Password Cracking, Web Hacking | Add a Comment

Technika – Automate Common Exploit Tasks

Technika was developed for the computer security professionals to automate common exploitative task from the browser. It acts like a standard OS shell scripting environment. You can script everything from the currently viewed page just like Greasemonkey (spawn processes, unrestricted XMLHttpRequest connections and sockets). You can autorun bookmarklets and perform safe operations on the currently […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking | Add a Comment

Stompy – The Web Application Session Analyzer Tool

A new tool dealing with web sessions was recently announced, it’s called stompy, a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they’re predictable or simply vulnerable to brute-force attacks, we do have a problem. […]

Tags: , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

WordPress Download Server Compromised (2.1.1) – Get 2.1.2 NOW!

Some sneaky hacker got into the WordPress download server and placed a backdoor in the latest available version (2.1.1). Luckily within a day someone reported the exploit to the WordPress team and they took the site down to investigate. This morning we received a note to our security mailing address about unusual and highly exploitable […]

Tags: , , , , , ,

Posted in: Exploits/Vulnerabilities, General Hacking, Web Hacking | Add a Comment

A Collection of Web Backdoors & Shells – cmdasp cmdjsp jsp-reverse php-backdoor

Michael Daw has collected some WEB backdoors to exploit vulnerable file upload facilities and others. It’s a pretty useful library for a variety of situations, especially for those doing web application security audits and web app security. Understanding how these backdoors work can also help security administrators implement firewalling and security policies to mitigate obvious […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Fierce Domain Scanner Released – Domain Reconnaissance Tool

Fierce domain scan was born out of personal frustration after performing a web application security audit. It is traditionally very difficult to discover large swaths of a corporate network that is non-contiguous. It’s terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can […]

Tags: , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Another 0-day MySpace XSS Exploit

This was a while ago, but once again unsurprising..The amount of security holes that have been discovered in MySpace (to say they hold some pretty confidential info and are a preying ground for paedos..it’s a scary thought). Once again an XSS flaw shows up in MySpace. digi7al64 found yet another hole in myspace using non-alpha-non-digit […]

Tags: , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Popular Tags

computer-security · darknet · Database Hacking · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · XSS ·