Tag Archive | "website security"


07 March 2012 | 7,856 views

Goofile v1.5 – Search For A Specific File Type In A Given Domain.

Use this tool to search for a specific file type in a given domain – inspired by TheHarvester. Usage

-d: domain to search -f: filetype (ex. pdf) Written in Python and tested on 2.5 and 2.7. Please submit any bug reports or requests to the author. You can download Goofile v1.5 here: goofilev1.5.zip Or [...]

Continue Reading


17 November 2011 | 9,380 views

GoLISMERO – Web Application Mapping Tool

GoLISMERO helps you to map a web application, displaying the results in a readable format for security auditors and also prepares the results for integration with other web hacking tools as w3af, wfuzz, netcat, nikto, etc. Features Map a web aplication. Show all links and forms params as confortable format. Save results with some formats: [...]

Continue Reading


10 June 2010 | 9,059 views

Samurai Web Testing Framework v0.8 Released – Pen Testing Security LiveCD

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. It’s been quite a while since the latest fairly major update of SamuraiWTF (around a [...]

Continue Reading


28 January 2010 | 9,859 views

Groundspeed 1.1 – Web Application Security Add-on For Firefox

Groundspeed is an open-source Firefox extension for web application security testers presented at the OWASP AppSec DC 2009. It allows you to manipulate the web application’s user interface to eliminate annoying limitations and client-side controls that interfere with the web application penetration test. What can I do with Groundspeed? Groundspeed allows you to modify the [...]

Continue Reading


18 May 2009 | 8,772 views

Samurai Web Testing Framework 0.6 Released – Web Application Security LiveCD

You may remember we wrote about Samurai being released back in November 2008, it’s been quite a while since the last update. The authors have updated and fixed a number of issues with the environment as well as improved performance of the java based tools. They have also included a virtual machine of the environment. [...]

Continue Reading


28 January 2009 | 15,550 views

Independent Web Vulnerability Scanner Comparison – Acunetix WVS, IBM Rational AppScan & HP WebInspect

I saw a relevant paper published today by an individual that claims the comparison was ordered by a penetration testing company (a company which remains unnamed). The vendors were not contacted during or after the evaluation. Testing Procedure The author tested 13 web applications (some of them containing a lot of vulnerabilities), 3 demo applications [...]

Continue Reading


16 January 2009 | 6,745 views

FireCAT 1.5 Released – Firefox Catalog of Auditing Extensions

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment FireCAT 1.5 will be the last release of this 1.x branch. In fact, we are working on a new improved version 2.0 (management of plugins, instant download from security-database, ability to [...]

Continue Reading


27 November 2008 | 5,176 views

FireCAT 1.4 Released – Firefox Catalog of Auditing Extensions

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment You can find an online map of Firecat v1.4 here. Changes for version 1.4 Information Gathering (Enumeration and Fingerprinting) Passive Recon : PassiveRecon allows Information Security professionals the ability to perform [...]

Continue Reading


12 November 2008 | 16,472 views

Samurai Web Testing Framework – Web Application Security LiveCD

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use [...]

Continue Reading


03 January 2008 | 6,846 views

gotroot modsecurity Rules for Apache – Anti-spam and Security

To follow on from Whitetrash which I posted about previously, here is another tool to secure your web site or web application. Essentially it’s a very comprehensive set of rules for mod_security. ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·