Archive | Web Hacking




snitch – Information Gathering Tool Via Dorks

Snitch is an information gathering tool which automates the process for a specified domain. Using built-in dork categories, this tool helps gather specified information domains which can be found using web search engines. It can be quite useful in early phases of penetration tests (commonly called the Information Gathering phase). snitch can identify general information, […]

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Privacy, Web Hacking | Add a Comment

OneLogin Hack – Encrypted Data Compromised

The OneLogin hack is blowing up now it seems like whoever got access can also decrypt encrypted customer data which is just about AS BAD as it can get for a password/identity management service. Now I’m a HUGE supporter of password management tools as I’ve mentioned many times here, so anyone who signed up for […]

Tags: , , , , , , ,

Posted in: Cryptography, Exploits/Vulnerabilities, Privacy, Web Hacking | Add a Comment

Sn1per – Penetration Testing Automation Scanner

Sn1per is a penetration testing automation scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features Automatically collects basic recon (ie. whois, ping, DNS, etc.) Automatically launches Google hacking queries against a target domain Automatically enumerates open ports via NMap port scanning Automatically brute forces sub-domains, gathers DNS info […]

Tags: , , , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Network Hacking, Web Hacking | Add a Comment

Microsoft Azure Web Application Firewall (WAF) Launched

Not too long after Amazon launched their cloud protection WAF the Microsoft Azure Web Application Firewall (WAF) has been made generally available in all public Azure DCs. It’s a good move with the majority of websites and services moving into one of the big 3 cloud providers (AWS, Google or Azure) and the vast majority […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Web Hacking | Add a Comment

Kadimus – LFI Scanner & Exploitation Tool

Kadimus is an LFI scanner and exploitation tool for Local File Inclusion vulnerability detection and intrusion. Installation

Then you can run the configure file:

Then:

Features Check all url parameters /var/log/auth.log RCE /proc/self/environ RCE php://input RCE data://text RCE Source code disclosure Multi thread scanner Command shell interface through HTTP Request Proxy support […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking | Add a Comment

LastPass Leaking Passwords Via Chrome Extension

LastPass Leaking Passwords is not new, last week its Firefox extension was picked apart – now this week it’s Chrome extension is giving up its goodies. I’ve always found LastPass a bit suspect, even though they are super easy to use, and have a nice UI they’ve had TOO many serious security issues for a […]

Tags: , , , , , , , , ,

Posted in: Exploits/Vulnerabilities, Password Cracking, Web Hacking | Add a Comment

OWASP VBScan – vBulletin Vulnerability Scanner

OWASP VBScan short for vBulletin Vulnerability Scanner is an open-source project in Perl programming language to detect VBulletin CMS vulnerabilities and analyse them. Features VBScan currently has the following: Compatible with Windows, Linux & OSX Up to date exploit database Full path disclosure Firewall detect & bypass Version check Upgrade config finder Random user agent […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Hacking Tools, Web Hacking | Add a Comment

DAVScan – WebDAV Security Scanner

DAVScan is a quick and lightweight WebDAV security scanner designed to discover hidden files and folders on DAV enabled web servers. The scanner works by taking advantage of overly privileged/misconfigured WebDAV servers or servers vulnerable to various disclosure or authentication bypass vulnerabilities. The scanner attempts to fingerprint the target server and then spider the server […]

Tags: , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Minion – Mozilla Security Testing Framework

Minion is a security testing framework built by Mozilla to bridge the gap between developers and security testers. To do so, it enables developers to scan with a wide variety of security tools, using a simple HTML-based interface. It consists of three umbrella projects: Minion Frontend, a Python, angular.js, and Bootstrap-based website that provides a […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

OWASP OWTF – Offensive Web Testing Framework

OWASP Offensive Web Testing Framework is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST. The purpose of this tool is to automate the manual and uncreative parts of pen testing. For example, Figuring […]

Tags: , , , , , , , ,

Posted in: Hacking Tools, Web Hacking | Add a Comment

Popular Tags

computer-security · darknet · Database Hacking · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · XSS ·