Hcon Security Testing Framework (HconSTF) v0.4 – Fire Base


HconSTF is an Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessment. It contains webtools which are capable of carrying out XSS attacks, SQL Injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. It could prove useful to anybody interested in the information security domain – students, security professionals, web developers and so on.

Hcon Security Testing Framework (HconSTF) v0.4

Features

  • Categorized and comprehensive toolset
  • Contains hundreds of tools and features and script for different tasks like SQLi, XSS, Dorks, OSINT to name a few
  • HconSTF webUI with online tools (same as the Aqua base version of HconSTF)
  • Each and every option is configured for penetration testing and Vulnerability assessments
  • Specially configured and enhanced for gaining easy & solid anonymity
  • Works for web app testing assessments specially for OWASP top 10
  • Easy to use & collaborative Operating System like interface
  • Multi-Language support (feature in heavy development translators needed)

You can download HconSTF 0.4 beta here:

HconSTF_v0.4_Freedom_portable.exe

Or read more here.

Posted in: Hacking Tools

, , , , , , ,


Latest Posts:


APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.


2 Responses to Hcon Security Testing Framework (HconSTF) v0.4 – Fire Base

  1. IT Security July 31, 2012 at 2:07 am #

    I use the aqua base version of this for testing client gateways and firewalls. My only wish would be to make this a PCI compliant scanning vendor so I can issue some of my clients the appropriate certificates form it.

  2. NNM August 2, 2012 at 2:17 pm #

    Tested..
    Looks more like a customized, skinned and overrated firefox , with some plugins…
    Disappointed there! Expected more than a bloated browser.