MySql 5 Enumeration tool
This script uses blind SQL injection and boolean enumeration to perform INFORMATION_SCHEMA Mapping. Usage: perl mysql5enum.pl -h [hostname] -u [url] [-q [query]] Ex: perl mysql5enum.pl -h...
View ArticleSimple Phishing Toolkit
The spt project is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers. Organizations spend billions of dollars annually in an effort to...
View ArticleReaver – brute force Wifi Protected Setup
Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in...
View ArticleDotDotPwn v3.0 The Directory Traversal Fuzzer
Version: DotDotPwn v3.0 Release date: 03/Feb/2012 (Release at BugCon Security Conferences 2012) Changes / Enhancements / Features: -X switch that implements the Bisection Algorithm in order to detect...
View Articlehttpry packet sniffer
httpry is packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but to capture, parse, and log the traffic for later analysis. It can be run in...
View ArticleApache Tomcat Remote Exploit (PUT request) and Account Scanner
The modified pnscan scanner utility scans a range of IPs to find open apache tomcat servers by trying the following login access combinations: tomcat:tomcat password:password admin:admin admin:password...
View ArticleXCat – exploitation of XPath injection vulnerabilities
XCat is a command line program that aides in the exploitation of XPath injection vulnerabilities. It boasts a wide range of features and can utilize the more advanced features of the XPath 2.0...
View ArticleEnema – tool for SQL injection
Enema is not autohacking software. This is dynamic tool for people, who knows what to do. Not supported old database versions (e. g. mysql 4.x). Development targeted to modern versions. Features:...
View Articleweb-sorrow – server security scanner
A perl based tool for misconfiguration, version detection, enumeration, and server information scanning. Web-Sorrow is a “safe to run” program. meaning it is not designed attempt to exploit or preform...
View ArticleIronWASP – Iron Web application Advanced Security testing Platform
IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can...
View Article
