August 30th, 2007

Microsoft UK Defaced by Saudi Hackers

A while back Microsoft UK got hacked by some Saudi Hackers, Microsoft is always one of the top targets for renegades and ‘cyber-terrorists’ as the high profile nature of the company can give some publicity to their causes.
This was less than a month after Technet got owned.
I don’t think they are ever going to lay [...]

August 22nd, 2007

w3af – Web Application Attack and Audit Framework

A pretty cool tool was released a while back called w3af ( Web Application Attack and Audit Framework ), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features:

Audit

SQL injection detection
XSS detection
SSI detection
Local file include detection
Remote file include detection
Buffer Overflow [...]

July 31st, 2007

Wfuzz – A Tool for Bruteforcing/Fuzzing Web Applications

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.

The tool is based on dictionaries and ranges, you choose where you want to bruteforce [...]

July 17th, 2007

Sandcat by Syhunt – Web Server & Application Vulnerability Scanner

Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes.
The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.
This is a pretty nifty [...]

July 13th, 2007

FG-Injector – SQL Injection & Proxy Tool

FG-Injector Framework is a set of tools designed to help find SQL injection vulnerabilities in web applications, and help the analyst assess their severity. It includes a powerful proxy feature for intercepting and modifying HTTP requests, and an inference engine for automating SQL injection exploitation.

Often web developers think that by disabling error messages in their [...]

January 27th, 2007

Introducing WHCC – Web Hack Control Center

Web Hack Control Center is a GUI based web server vulnerability scanner or assessment tool. This application gives you the means to identify which security vulnerabilities exist on your web servers by scanning them for the most popular server exploits. WHCC contains a database of thousands of exploits for a variety of web servers. This [...]


Sitemap - ShaolinTiger - DigiSniper - Digital Photography
Shutter Asia Photography Forum - We Ate This