Archive | Web Hacking




BeEF – Browser Exploitation Framework

There’s been a lot of nice Web relevant testing and hacking tools coming out lately, I’ve gotten quite a collection to post about, so do try them out and let me know what you think. BeEF is the browser exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Security Software, Web Hacking | Add a Comment

Security Compass Web Application Analysis Tool – SWAAT

Announcing a new web application source code analysis tool called the Securitycompass Web Application Analysis Tool or SWAAT. You may know it as a static analysis tool. Currently in its beta release, this .Net command-line tool searches through source code for potential vulnerabilities in the following languages: Java and JSP ASP.Net PHP Using xml-based signature […]

Tags: , , , , , , , , , , , , ,

Posted in: Hacking Tools, Security Software, Web Hacking | Add a Comment

FIS [File Inclusion Scanner] v0.1 – PHP Vulnerability

A useful tool for anyone working with PHP applications. DESCRIPTION ———— FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. Is scans PHP files mapping PHP/HTTP variables and then performs a security audit,in order to find out which of them are exploitable. USAGE —— php fis.php [local file] [remote file] [remote FIS ID […]

Tags: , , , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

SIFT Web Method Search Tool

SIFT has just published a world-first tool for identifying rogue web methods. The Web Method Search tool is a Windows based application that uses a hybrid dictionary attack in an attempt to find unpublished administrative and other web services functions. As web services are becoming more prevalent, poor security practices from previous generations of application […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

The Top 10 PHP Security Vulnerabilities from OWASP

This is a useful article that has basically taken the OWASP Top 10 Vulnerabilities and remapped them to PHP with actual examples. The Open Web Application Security Project released a helpful document that lists what they think are the top ten security vulnerabilities in web applications. These vulnerabilities can, of course, exist in PHP applications. […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Web Based E-mail (Hotmail Yahoo Gmail) Hack/Hacking with JavaScript

“pleez, pleez, PLEEZ teach me how to hack a Hotmail Account!!!” -unidentified IRC user From here on in you walk alone. Neither little_v OR Black Sun Research Facility AND its members will be responsible for what you do with the information presented here. Do not use this information to impress your “l33t0_b0rit0” friends. Do not […]

Tags: , , , , , , , , , ,

Posted in: General Hacking, Old Skool Philes, Web Hacking | Add a Comment

Teen Data Exposed on Myspace

Ah another flaw in Myspace, this time it’s quite dangerous exposing the details of teenagers. A security hole in the popular MySpace social networking site allowed users to view entries marked “private”, a crucial protection for users aged under 16, according to weekend reports. Though the site is said to have fixed the problem, it […]

Tags: , , , , , , ,

Posted in: General Hacking, Web Hacking | Add a Comment

AttackAPI 0.5 – JavaScript Security Tools

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors. The project was primary inspired by the JythonShell applet. At its very early stage AttackAPI was a single extensible web enabled python console with a few modules. The 0.5 release of AttackAPI is purely JavaScript based. This is not a shift in the […]

Tags: , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Link & Comment Spamming – A possible solution.

Recently one of the sites I am developing for my self was link spammed. Some unpleasant individual decided that it would be fun to post 160 ‘comments’ spread over all the blog posts. All the comments contained was URL’s. Even more stupid they used BB tags, but as I wrote the site it doesn’t use […]

Tags: , , , , , , , ,

Posted in: General Hacking, Spammers & Scammers, Web Hacking | Add a Comment

OWASP – Fortify Bug Taxonomy

Ah at last a good solid collaborative effort to identify and categorise software vulnerabilities with a solid taxonomy and good organisation! It seems very well written too in terms that anyone familiar with software development or programming can understand. Fortify Software, which identifies and remediates software vulnerabilities, has contributed its collection of 115 types of […]

Tags: , , , , , , ,

Posted in: Countermeasures, Exploits/Vulnerabilities, Web Hacking | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·