Tag Archive | "web-application-hacking"


17 November 2011 | 9,418 views

GoLISMERO – Web Application Mapping Tool

GoLISMERO helps you to map a web application, displaying the results in a readable format for security auditors and also prepares the results for integration with other web hacking tools as w3af, wfuzz, netcat, nikto, etc. Features Map a web aplication. Show all links and forms params as confortable format. Save results with some formats: [...]

Continue Reading


05 August 2011 | 11,262 views

Websecurify – Integrated Web Security Testing Environment

Websecurify is an integrated web security testing environment, which can be used to identify web vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The platform is designed to perform automated as well as manual vulnerability tests and it is constantly improved and fine-tuned by a team of world class web application security penetration [...]

Continue Reading


15 June 2011 | 8,820 views

Skipfish 1.94b Released – Active Web Application Security Reconnaissance Tool

It’s been a while since we last mentioned Skipfish, it was back in March 2010 when they first came out. Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the [...]

Continue Reading


17 February 2011 | 14,089 views

Arachni v0.2.2.1 – Web Application Security Scanner Framework

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect [...]

Continue Reading


09 November 2010 | 8,764 views

XSSer v1.0 – Cross Site Scripter Framework

XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection. New Features Added “final remote injections” option Cross Flash Attack! Cross Frame Scripting Data Control Protocol Injections [...]

Continue Reading


07 October 2010 | 15,669 views

OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who a new to penetration testing. ZAP provides automated scanners [...]

Continue Reading


30 September 2010 | 6,598 views

inspathx – Tool For Finding Path Disclosure Vulnerabilities

inspathx is a tool that uses local source tree to make requests to the URL and searches for path inclusion (Full Path Disclosure) error messages. It’s a very common problem in PHP web applications that crops up a lot. PHP Web application developers sometimes fail to add safety checks against authentications, file inclusion etc and [...]

Continue Reading


21 September 2010 | 22,707 views

Havij – Advanced Automated SQL Injection Tool

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the [...]

Continue Reading


22 April 2010 | 15,367 views

PayPal Patches Critical Security Vulnerabilities

PayPal in the news again for a series of fairly high-profile vulnerabilities discovered by the same guy that found the XSS bugs in Google Calendar and Twitter (Nir Goldshlager). I’m glad people are looking at PayPal as I’m sure the volume of monetary transactions that pass through their site on a daily basis is huge. [...]

Continue Reading


22 March 2010 | 8,628 views

skipfish – Automated Web Application Security Reconnaissance Tool

The safety of the Internet is of paramount importance to Google, and helping web developers build secure, reliable web applications is an important part of the equation. To advance this goal, Google has released projects such as ratproxy, a passive security assessment tool. The latest is they have announced a new tool called skipfish – [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·