Views: 6,517 Commix (short for [comm]and [i]njection e[x]ploiter) has a simple environment and it can be used by web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this command injection attack tool, it is very easy […]
web-applications-security
Safe3 SQL Injector – Automatic Detection & Exploitation Of SQL Injection Flaws
Views: 21,495 Safe3 SQL Injector is one of the most powerful penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. Features Full support for GET/Post/Cookie Injection Full support for HTTP Basic, Digest, NTLM and Certificate authentications Full support for MySQL, Oracle, PostgreSQL, MSSQL, […]
w3af 1.0-rc3 Available For Download – Web Application Attack & Audit Framework
Views: 13,855 [ad] Our last mention of w3af was back in 2008 when the fifth BETA was released, the team have recently released a new version 1.0 – Release Candidate 3. w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities […]
WSFuzzer – Web Services Fuzzing Tool for HTTP and SOAP
Views: 12,693 [ad] WSFuzzer is a fuzzing tool targetting HTTP and SOAP based web services. The program currently targets Web Services. In the current version HTTP based SOAP services are the only supported targets. This tool was created based on, and to automate, some of the manual SOAP pen testing work we perform. This tool […]
Sandcat by Syhunt – Web Server & Application Vulnerability Scanner
Views: 9,716 [ad] Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. […]