Tag Archive | "hacking-websites"


30 April 2010 | 18,832 views

DAVTest – WebDAV Vulnerability Scanning (Scanner) Tool

When facing off against a WebDAV enabled server, there are two things to find out quickly: can you upload files, and if so, can you execute code? DAVTest attempts help answer those questions, as well as enable the pentester to quickly gain access to the host. DAVTest tries to upload test files of various extension [...]

Continue Reading


28 January 2010 | 9,876 views

Groundspeed 1.1 – Web Application Security Add-on For Firefox

Groundspeed is an open-source Firefox extension for web application security testers presented at the OWASP AppSec DC 2009. It allows you to manipulate the web application’s user interface to eliminate annoying limitations and client-side controls that interfere with the web application penetration test. What can I do with Groundspeed? Groundspeed allows you to modify the [...]

Continue Reading


11 January 2010 | 6,361 views

WAFP – Web Application Finger Printing Tool

How it works? WAFP fetches the files given by the Finger Prints from a webserver and checks if the checksums of those files are matching to the given checksums from the Finger Prints. This way it is able to detect the detailed version and even the build number of a Web Application. In detail? A [...]

Continue Reading


26 October 2009 | 4,862 views

Web Application Security Consortium (WASC) 2008 Statistics Published

The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2008. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape. We ascertain which classes of attacks are the most prevalent [...]

Continue Reading


22 October 2009 | 34,571 views

Nikto 2.1.0 Released – Web Server Security Scanning Tool

It’s been almost 2 years since the last update on Nikto, which was version 2. For those that don’t know, Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on [...]

Continue Reading


21 September 2009 | 30,135 views

Websecurify – Web Security Testing Framework

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies. Key Features JavaScript – Websecurify Security Testing Framework is the first tool of its kind to be written entirely in JavaScript using only standard technologies adopted by the leading [...]

Continue Reading


08 September 2009 | 11,560 views

SWFScan – Free Flash Application Security Scanner

HP SWFScan is a free tool developed by HP Web Security Research Group, which will automatically find security vulnerabilities in applications built on the Flash platform. HP is offering SWFScan because: Their research shows that developers and increasingly implementing applications built on the Adobe Flash platform without the required security expertise. As a result, they [...]

Continue Reading


15 July 2009 | 20,294 views

Damn Vulnerable Web App – Learn & Practise Web Hacking

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. Used to learn or teach the art of web application security. Vulnerabilities SQL Injection XSS (Cross Site Scripting) LFI (Local File Inclusion) RFI (Remote [...]

Continue Reading


18 May 2009 | 8,776 views

Samurai Web Testing Framework 0.6 Released – Web Application Security LiveCD

You may remember we wrote about Samurai being released back in November 2008, it’s been quite a while since the last update. The authors have updated and fixed a number of issues with the environment as well as improved performance of the java based tools. They have also included a virtual machine of the environment. [...]

Continue Reading


13 May 2009 | 67,986 views

Pangolin – Automatic SQL Injection Tool

Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·