Tag Archives | PHP




WAF-FLE – Graphical ModSecurity Console Dashboard

WAF-FLE (Web Application Firewall: Fast Log and Event Console) is a OpenSource ModSecurity Console – which allows the modsecurity admin to store, view and search events sent by sensors. It uses a graphical dashboard to drill-down and find quickly the most relevant events. It is designed to be fast and flexible, while keeping a powerful […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment

Weevely 3 – Weaponized PHP Web Shell

Weevely is a command line weaponized PHP web shell dynamically extended over the network at runtime and is designed for remote administration and pen testing. It provides a telnet-like console through a PHP script running on the target, even in restricted environments. The low footprint agent and over 30 modules shape an extensible framework to […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

vBulletin.com Hacked – Forum User Emails & Encrypted Passwords Leaked

vBulletin.com hacked is the latest news going around, there seems to have been a spate of these lately, with huge numbers of user accounts leaked. Thankfully this time, the passwords are actually hashed, but with what algorithm – we aren’t quite sure. Perhaps someone could figure it out with HashTag. I do have some vBulletin […]

Tags: , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

aidSQL – PHP Application For SQL Injection Detection & Exploitation

aidSQL a PHP application provided for detecting security holes in your website/s. It’s a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. The tool provides pen-testing capabilities for MS-SQL 2000, MySQL 5 and the author promises to add Oracle 10g support – but that doesn’t seem […]

Tags: , , , , , , ,

Posted in: Database Hacking, Hacking Tools, Web Hacking | Add a Comment

Graphical Web Interface for OSSEC WUI AnaLogi v1.1

‘Analytical Log Interface’ was built to sit on top of OSSEC (built on OSSEC 2.6) and requires 0 modifications to OSSEC or the database schema that ships with OSSEC. AnaLogi requires a Webserver sporting PHP and MySQL. Written for inhouse analysis work, released under GPL to give something back – it’s intended to help you […]

Tags: , , , , , , , , , , , , ,

Posted in: Countermeasures, Network Hacking, Security Software | Add a Comment

Carbylamine – A PHP Script Encoder to ‘Obfuscate/Encode’ PHP Files

Carbylamine is a PHP Encoder project, which can bypass all leading anti-virus detection against PHP Shells (C99, R57 etc) easily. It can be a very efficient tool for pen-testers when carrying out a black box test which involves inserting malicious code via PHP. Usage

You can download Carbylamine here: carbylamine.php Or read more here.

Tags: , , , , , , , , , , ,

Posted in: Cryptography, Hacking Tools, Programming | Add a Comment

Damn Vulnerable Web App – Learn & Practise Web Hacking

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. Used to learn or teach the art of web application security. Vulnerabilities SQL Injection XSS (Cross Site Scripting) LFI (Local File Inclusion) RFI (Remote […]

Tags: , , , , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Programming, Web Hacking | Add a Comment

browserrecon – Passive Browser Fingerprinting

Most of todays tools for fingerprinting are focusing on server-side services. Well-known and widely-accepted implementations of such utilities are available for http web services, smtp mail server, ftp servers and even telnet daemons. Of course, many attack scenarios are focusing on server-side attacks. Client-based attacks, especially targeting web clients, are becoming more and more popular. […]

Tags: , , , , , , , , ,

Posted in: General Hacking, Privacy, Web Hacking | Add a Comment

Skavenger – Source Code Auditing Tool!

Skavenger? Yes, because scavenger is already used?!? What is skavenger? Skavenger is a source code auditing tool, firstly though for php, but also used for any kind of source code file; as long as you know what to look for… Yes I thought is as a replacement tool for egrep/sed under Windows! because not everybody […]

Tags: , , , , , , , , , , , , ,

Posted in: Programming, Web Hacking | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·