Archive | Web Hacking




Droopescan – Plugin Based CMS Security Scanner

Droopescan is a plugin-based CMS security scanner that will help you with identifying issues with several CMSs, mainly Drupal & Silverstripe. Droopescan aims to be the most accurate by default, while not overloading the target server due to excessive concurrent requests. Due to this, by default, a large number of requests will be made […]

Posted in: Hacking Tools, Web Hacking

Anthem Hacked – US Health Insurance Provider Leaks 70 Million Records

Anthem Hacked! Everyone is screaming, I was like WTF is Anthem? Turns out it’s part of the 2nd largest health insurance provider in the US (Wellpoint) after United Healthcare – so it’s a pretty big deal with an estimated 70 Million people on its books. Of course according to them, “Anthem was the target of […]

Posted in: Privacy, Web Hacking

InsomniaShell – ASP.NET Reverse Shell Or Bind Shell

InsomniaShell is a tool for use during penetration tests, when you have the ability to upload or create an arbitrary .aspx page. This .aspx page is an example of using native calls through pinvoke to provide either an ASP.NET reverse shell or a bind shell. ASP.NET is an open source server-side Web application framework designed for […]

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking

WhatWeb – Identify CMS, Blogging Platform, Stats Packages & More

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1500 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework […]

Posted in: Hacking Tools, Web Hacking

Gruyere – Learn Web Application Exploits & Defenses

This codelab is built around Gruyere – a small, cheesy web application that allows its users to publish snippets of text and store assorted files. “Unfortunately,” Gruyere has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is […]

Posted in: Exploits/Vulnerabilities, Web Hacking

Critical XSS Flaw Affects WordPress 3.9.2 And Earlier

So it’s been a while since we’ve talked about any flaws in WordPress – because usually they are pretty dull and require such an obscure set of circumstances, that they are unlikely to ever occur in the wild. The most recent time was this year actually, but was a DoS attack, which is not THAT […]

Posted in: Exploits/Vulnerabilities, Web Hacking

Sparty – MS SharePoint and FrontPage Auditing Tool

Sparty is an open source SharePoint and FrontPage auditing tool written in Python to audit web applications using SharePoint and FrontPage architecture. The motivation behind this tool is to provide an easy and robust way to scrutinize the security configurations of SharePoint and FrontPage based web applications. Due to the complex nature of these web […]

Posted in: Web Hacking, Windows Hacking

Arachni v1.0 Released – Web Application Security Scanner Framework

Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application’s behaviour during the scan process and is able to perform meta-analysis using a number of factors in order […]

Posted in: Hacking Tools, Web Hacking

RIPS – Static Source Code Analysis For PHP Vulnerabilities

RIPS is a tool written in PHP to find vulnerabilities using static source code analysis for PHP web applications. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced […]

Posted in: Programming, Security Software, Web Hacking

JPMorgan Hacked & Leaked Over 83 Million Customer Records

So yah last week we all discovered, OMG JPMorgan Hacked! This set a lot of people on edge as JPMorgan Chase & Co is the largest US bank by assets – so it’s pretty seriously business. The breach happened back in July and was only disclosed last Thursday due to a filing to the US […]

Posted in: Privacy, Web Hacking
