Websecurify is an integrated web security testing environment, which can be used to identify web vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The platform is designed to perform automated as well as manual vulnerability tests and it is constantly improved and fine-tuned by a team of world class web application security penetration […]
sql-injection
sqlmap 0.9 Released – Automatic Blind SQL Injection Tool
It’s been a while since we’ve written about sqlmap, the last time was when 0.7 was released back in July 2009 – sqlmap 0.7 Released – Automatic SQL Injection Tool. Well sqlmap 0.9 has been released and has a considerable amount of changes including an almost entirely re-written SQL Injection detection engine. For those that […]
Web Hacking Incident Database Shows DoS Attacks On The Rise
It seems like the formidable Anonymous army has managed to change the weighting of stats collected by the Web Hacking Incident Database (WHID) with it’s vast array of DDoS attacks. We’ve reported on a couple of them like back in December when the WikiLeaks Attacks Caused Rival DDoS Retaliation. There have been a whole lot […]
Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements
We wrote our first review of Acunetix WVS 6 back in January 2009 and published an update about the release of Acunetix Web Vulnerability Scanner (WVS) 6.5 in June 2009. The team over at Acunetix have been working hard on version 7 for quite some time and released a new build with added features earlier […]
SQLInject-Finder – Intelligent SQL Injection Detection Script
SQLInject-Finder is a simple python script that parses through a pcap and looks at the GET and POST request data for suspicious and possible SQL injects. Rules to check for SQL injection can be easily added. Output can be printed neatly on the command line or in tab delimited format. The output includes: The suspicious […]