Hcon Security Testing Framework (HconSTF) v0.4 – Fire Base


HconSTF is an Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessment. It contains webtools which are capable of carrying out XSS attacks, SQL Injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. It could prove useful to anybody interested in the information security domain – students, security professionals, web developers and so on.

Hcon Security Testing Framework (HconSTF) v0.4

Features

  • Categorized and comprehensive toolset
  • Contains hundreds of tools and features and script for different tasks like SQLi, XSS, Dorks, OSINT to name a few
  • HconSTF webUI with online tools (same as the Aqua base version of HconSTF)
  • Each and every option is configured for penetration testing and Vulnerability assessments
  • Specially configured and enhanced for gaining easy & solid anonymity
  • Works for web app testing assessments specially for OWASP top 10
  • Easy to use & collaborative Operating System like interface
  • Multi-Language support (feature in heavy development translators needed)

You can download HconSTF 0.4 beta here:

HconSTF_v0.4_Freedom_portable.exe

Or read more here.

Posted in: Hacking Tools

, , , , , , ,


Latest Posts:


Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network
OWASP Amass - DNS Enumeration, Attack Surface Mapping & External Asset Discovery OWASP Amass – DNS Enumeration, Attack Surface Mapping & External Asset Discovery
The OWASP Amass Project is a DNS Enumeration, Attack Surface Mapping & External Asset Discovery tool to help information security professionals perform network mapping of attack surfaces.


2 Responses to Hcon Security Testing Framework (HconSTF) v0.4 – Fire Base

  1. IT Security July 31, 2012 at 2:07 am #

    I use the aqua base version of this for testing client gateways and firewalls. My only wish would be to make this a PCI compliant scanning vendor so I can issue some of my clients the appropriate certificates form it.

  2. NNM August 2, 2012 at 2:17 pm #

    Tested..
    Looks more like a customized, skinned and overrated firefox , with some plugins…
    Disappointed there! Expected more than a bloated browser.