So another vulnerability with a name and a logo – ImageTragick? At least this time it’s pretty dangerous, a bunch of ImageMagick Zero-Day vulnerabilities have been announced including one that can leave you susceptible to remote code execution. It’s pretty widely used software too and very public, if you use an app online that lets […]
Web Hacking
Web hacking is always the latest headline find web hacking 101, tools, web site hacking, web application hacking and the latest news about website hacking here.
Some examples of web hacking tools are:
- wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download
- Wfuzz Download – Web Application Password Cracker
- FLARE – Flash Decompiler to Extract ActionScript
- WebSurgery – Web Application Security Testing Suite
Some examples of web hacking protection are:
BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records
So another data breach, and no surprise here, but another dating site. This time the BeautifulPeople.com Leak has exposed 1.1 million customer records, including 15 million private messages sent between users. Not so private now is it. And no surprise either the entry point for this leak, was the not-so excellent NoSQL database MongoDB which […]
INURLBR – Advanced Search Engine Tool
INURLBR is a PHP based advanced search engine tool for security professionals, it supports 24 search engines and 6 deep web or special options. Very useful for the information gathering phase of a penetration test or vulnerability assessment. This tool functions in many ways enabling you to harness the power of what’s already indexed by […]
AuthMatrix for Burp Suite – Web Authorisation Testing Tool
AuthMatrix a web authorisation testing tool built as an extension to Burp Suite that provides a simple way to test authorisation in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are displayed through the UI in a […]
PayPal Remote Code Execution Vulnerability Patched
So this is a big one, and thankfully this PayPal Remote Code Execution Vulnerability was discovered by security researchers and not the bad guys. Although there’s no way for us to know if someone has been using this to siphon data out of PayPal for some time before the whitehats found it. It’s a roundabout […]