Tag Archive | "web-application-security"


23 August 2014 | 2,207 views

Garmr – Automate Web Application Security Tests

Garmr is a tool to inspect the responses from websites for basic security requirements. It includes a set of core test cases implemented in corechecks that are derived from the Mozilla Secure Coding Guidelines which can be found here: https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines The purpose of this page is to establish a concise and consistent approach to secure [...]

Continue Reading


09 June 2014 | 2,044 views

OWASP Mantra 0.92 – Browser Based Security Framework

OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. Mantra is lite, flexible, portable and user friendly with a [...]

Continue Reading


24 February 2014 | 1,507 views

wig – WebApp Information Gatherer – Identify CMS

wig is a Python tool that identifies a websites CMS by searching for fingerprints of static files and extracting version numbers from known files. OS identification is done by using the value of the ‘server’ and ‘X-Powered-By’ in the response header. These values are compared to a database of which package versions are include with [...]

Continue Reading


15 October 2012 | 5,035 views

Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool

Web-Sorrow is a PERL based tool for misconfiguration, version detection, enumeration, and server information scanning. It’s entirely focused on enumeration and collecting information about a target server. Web-Sorrow is a “safe to run” program, meaning it is not designed to be an exploit or perform any harmful attacks. There’s a couple of other tools that [...]

Continue Reading


09 January 2012 | 13,899 views

Arachni v0.4 Released – High-Performance (Open Source) Web Application Security Scanner Framework

Arachni is a high-performance (Open Source) Web Application Security Scanner Framework written in Ruby. This version includes lots of goodies, including: A new light-weight RPC implementation (No more XMLRPC) High Performance Grid (HPG) — Combines the resources of multiple nodes for lightning-fast scans Updated WebUI to provide access to HPG features and context-sensitive help Accuracy [...]

Continue Reading


17 November 2011 | 9,435 views

GoLISMERO – Web Application Mapping Tool

GoLISMERO helps you to map a web application, displaying the results in a readable format for security auditors and also prepares the results for integration with other web hacking tools as w3af, wfuzz, netcat, nikto, etc. Features Map a web aplication. Show all links and forms params as confortable format. Save results with some formats: [...]

Continue Reading


15 September 2011 | 12,384 views

Lilith – Web Application Security Audit Tool

LiLith is a tool written in Perl to audit web applications. This tool analyses webpages and looks for html form tags , which often refer to dynamic pages that might be subject to SQL injection or other flaws. It works as an ordinary spider and analyses pages, following hyperlinks, injecting special characters that have a [...]

Continue Reading


14 September 2011 | 9,188 views

WAVSEP – Web Application Vulnerability Scanner Evaluation Project

The author of WAVSEP (Shay Chen) e-mailed quite some time back about this project, but I have to say I honestly didn’t have time to look at it back then. It popped back up on my radar again when it was mentioned by the author of – Arachni v0.3 – his tool did extremely well [...]

Continue Reading


29 August 2011 | 60,029 views

WebSurgery – Web Application Security Testing Suite

WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. Currently, it uses an efficient, fast and stable Web Crawler, File/Dir Brute forcer, Fuzzer for advanced exploitation of known and unusual vulnerabilities such as SQL Injection, Cross [...]

Continue Reading


22 August 2011 | 12,612 views

Arachni v0.3 Released – Web Application Security Scanner Framework

It’s been a while since we last mentioned Arachni, it was back in February – Arachni v0.2.2.1 – Web Application Security Scanner Framework. For those who are not aware, Arachni is a fully automated system which tries to enforce the fire and forget principle. As soon as a scan is started it will not bother [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·