HttpBee is a swiss-army-knife tool for web application hacking. It is multi-threaded, embedded with scriptable engine and has both command-line and daemon mode (if executed in daemon mode, HttpBee can become an agent of a distributed framework). This is a tool for more advanced users and there isn’t much documentation so if anyone feels like […]
web-application-hacking
mssql-hax0r v0.9 – Multi-purpose MS-SQL injection script
[ad] mssql-hax0r v0.9 is a Multi-purpose MS-SQL injection attack tool for advanced Microsoft SQL Server exploitation. Three modes of operation are currently available: info (Information Gathering), dump (Record Dump), and brute (Brute Force). You may need to tweak the code a bit to make it fit your needs (i.e. modifying the injection string and/or the […]
AccessDiver – Web Site Security Testing Tool
[ad] AccessDiver is a security tester for WEB sites. It incorporates a set of powerful features which help you find and organize failures and weaknesses from your web site. AccessDiver can detect security failures on your web pages. It has multiple efficient tools which will verify the robustness of your accounts and directories accurately. So, […]
SPIKE Proxy – Application Level Security Assessment
[ad] SPIKE Proxy is part of the SPIKE Application Testing Suite, It functions as an HTTP and HTTPS proxy, and allows the web developer or web application auditor low level access to the entire web application interface, while also providing a bevy of automated tools and techniques for discovering common problems. These automated tools include: […]