Browsing category
Sandcat Browser 6 brings unique features that are useful for pen-testers and web developers. This tool is built on top of Chromium and uses the Lua programming language to provide extensions and scripting support. This Pen-Tester Tools extension pack includes Cookies and Cache Viewers, JavaScript Executor extension which allow user to load and run external […]
SSRF are often used to leverage actions on other services, this framework aims to find and exploit these services easily. SSRFmap takes a Burp request file as input and a parameter to fuzz. Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform requests on their behalf. […]
The sandsifter audits x86 processors for hidden instructions and hardware bugs, by systematically generating machine code to search through a processor’s instruction set, and monitoring execution for anomalies. Your computer is not yours. You may have shelled out thousands of dollars for it. It may be sitting right there on your desk. You may have […]
Among the variety of complementary approaches used in the security evaluation of a target (e.g., software, an embedded equipment, etc.), fuzz testing—abbreviated fuzzing—is widely recognized as an effective means to help discovering security weaknesses in a target. Fuzzing is a software testing approach, which consists in finding design or implementation flaws by stepping outside the expectations the target may […]
Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes. Grinder Nodes provide an automated way to fuzz a browser, and generate useful crash information (such as call stacks with symbol information as well as logging information which can be used to generate reproducible test […]