There are various vulnerable web applications such as Jarlsberg, WackoPicko, Damn Vulnerable Web Application (DVWA), Vicnum, etc. Now we have another application that is vulnerable and ready to be exploited! The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to penetration testing. Features Easy to install – […]
web-application-security
sqlmap 0.9 Released – Automatic Blind SQL Injection Tool
It’s been a while since we’ve written about sqlmap, the last time was when 0.7 was released back in July 2009 – sqlmap 0.7 Released – Automatic SQL Injection Tool. Well sqlmap 0.9 has been released and has a considerable amount of changes including an almost entirely re-written SQL Injection detection engine. For those that […]
Wappalyzer – Web Technology Identifier (Identify CMS, JavaScript etc.)
Wappalyzer is an add-on for Firefox that uncovers the technologies used on websites. It detects CMS and e-commerce systems, message boards, JavaScript frameworks, hosting panels, analytics tools and several more. The company behind Wappalyzer also collects information about web based software to create publicly available statistics, revealing their growth over time and popularity compared to […]
CAT – Web Application Security Test & Assessment Tool
CAT is designed to facilitate manual web application penetration testing for more complex, demanding application testing tasks. It removes some of the more repetitive elements of the testing process, allowing the tester to focus on individual applications, thus enabling them to conduct a much more thorough test. Conceptually it is similar to other proxies available […]
JBoss Autopwn – JSP Hacking Tool For JBoss AS Server
This JBoss script deploys a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability to provide an interactive session. Features Multiplatform support – tested on Windows, Linux and Mac targets Support for bind and reverse bind shells Meterpreter shells and VNC support for Windows targets […]