[ad] Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, upstream proxies, logging, alerting and extensibility. Burp […]
web-application-security
WAFP – Web Application Finger Printing Tool
How it works? WAFP fetches the files given by the Finger Prints from a webserver and checks if the checksums of those files are matching to the given checksums from the Finger Prints. This way it is able to detect the detailed version and even the build number of a Web Application. In detail? A […]
fimap – Remote & Local File Inclusion (RFI/LFI) Scanner
[ad] fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps. fimap is similar to sqlmap just for LFI/RFI bugs instead of sql injection. It is currently under heavy development but it’s usable. Features Check a Single URL, List of […]
Binging (BETA) – Footprinting & Discovery Tool (Google Hacking)
[ad] It’s been a while since I’ve seen a tool of this type, back in the heydays of Google Hacking (which became the generic term for information gathering via search engines) there were multiple tools such as Gooscan and Goolag. Binging is a simple tool to query Bing search engine. It will use your Bing […]
Web Application Security Consortium (WASC) 2008 Statistics Published
[ad] The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2008. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape. We ascertain which classes of attacks are the most […]