Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Odysseus will intercept an HTTP session’s data in either direction and give the user the ability to alter the data before transmission. For example, […]
Web Hacking
Web hacking is always the latest headline find web hacking 101, tools, web site hacking, web application hacking and the latest news about website hacking here.
Some examples of web hacking tools are:
- wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download
- Wfuzz Download – Web Application Password Cracker
- FLARE – Flash Decompiler to Extract ActionScript
- WebSurgery – Web Application Security Testing Suite
Some examples of web hacking protection are:
Echo Mirage – A Generic Network Proxy
Echo Mirage is a generic network proxy. It uses DLL injection and function hooking to redirect network related function calls so that data transmitted and received by local applications can be observed and modified. Think of it as Odysseus (or Burp, if you prefer) that will proxy (almost) anything… Windows encryption and OpenSSL functions are […]
BeEF – Browser Exploitation Framework
There’s been a lot of nice Web relevant testing and hacking tools coming out lately, I’ve gotten quite a collection to post about, so do try them out and let me know what you think. BeEF is the browser exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the […]
Security Compass Web Application Analysis Tool – SWAAT
Announcing a new web application source code analysis tool called the Securitycompass Web Application Analysis Tool or SWAAT. You may know it as a static analysis tool. Currently in its beta release, this .Net command-line tool searches through source code for potential vulnerabilities in the following languages: Java and JSP ASP.Net PHP Using xml-based signature […]
FIS [File Inclusion Scanner] v0.1 – PHP Vulnerability
A useful tool for anyone working with PHP applications. DESCRIPTION ———— FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. Is scans PHP files mapping PHP/HTTP variables and then performs a security audit,in order to find out which of them are exploitable. USAGE —— php fis.php [local file] [remote file] [remote FIS ID […]