Browsing tag
sigurlx a web application attack surface mapping tool, it does …: Categorize URLs URLs’ categories: > endpoint > js {js} > style {css} > data {json|xml|csv} > archive {zip|tar|tar.gz} > doc {pdf|xlsx|doc|docx|txt} > media {jpg|jpeg|png|ico|svg|gif|webp|mp3|mp4|woff|woff2|ttf|eot|tif|tiff} Next, probe HTTP requests to the URLs for status_code, content_type, e.t.c Next, for every URL of category endpoint with […]
Program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. With Thread Hijacking, it allows the hijacker.exe program to suspend a thread within the target.exe program allowing us to write shellcode to a thread.Usage int main() { System sys; Interceptor incp; Exception exp; sys.returnVersionState(); if (sys.returnPrivilegeEscalationState()) { std::cout << “Token Privileges […]
Syhunt Community is a web and now mobile application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detailed vulnerability information – Syhunt is […]
Automated Application Generation for Stack Overflow Types on Wireless Routers. Router exploits shovel is an automated application generation tool for stack overflow types on wireless routers. The tool implements the key functions of exploits, it can adapt to the length of the data padding on the stack, generate the ROP chain, generate the encoded […]
Kirjuri is a simple php/mysql web application for managing physical forensic evidence items. It is intended to be used as a workflow tool from receiving, booking, note-taking and possibly reporting findings. It simplifies and helps in case management when dealing with a large (or small!) number of devices submitted for forensic analysis. Kirjuri requires […]
Appy app, an app builder to make an app without coding. Steve Jobs had it right! There is an app for everything and businesses today, big and small, are realizing it. Mobile apps, in their limited time of existence, have made a massive impact on the industry and creating mobile apps is not limited to […]
Are you looking for easy-to-use Java performance tuning tips because you want to learn more developer knowledge and experience because of the current over-complicated process of optimization techniques? With a bit of practice, there are a few easy ways to learn best practices that allow you to build and optimize a well-designed and executed application. […]
A newly launched installer tool can let you experience Windows 10 on the Raspberry Pi 3. The new application comes from the same maker who brought the Windows 10 on ARM onto Lumia 950 and 950 XL handset. The developer named Jose Manuel Nieto Sanchez says the tool is “super easy to use” with “no-hassle.” There […]
XVNA is an extreme vulnerable node application coded in Nodejs(Expressjs)/MongoDB that helps security enthusiasts to learn application security. it’s not counseled to host this application online as it is intended to be Vulnerable. We tend to suggest hosting this application in native setting and sharpening your application security skills with any tools of your own […]
BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for common OWASP vulnerabilities. FEATURES: Automatically collect all URL’s from a target website Automatically collect all dynamic URL’s and parameters from […]
BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for common OWASP vulnerabilities. Features: Automatically collect all URL’s from a target website Automatically collect all dynamic URL’s and parameters from a […]
Build functional security testing, into your software development and release cycles! WebBreaker provides the capabilities to automate and centrally manage Dynamic Application Security Testing (DAST) as part of your DevOps pipeline. WebBreaker truly enables all members of the Software Security Development Life-Cycle (SDLC), with access to security testing, greater test coverage with increased visibility by […]
Glue is a framework for running a series of tools. Generally, it is intended as a backbone for automating a security analysis pipeline of tools. Dependencies clamav hashdeep rm (*nix) git mount (*nix) docker Download & Install gem install owasp-glue ordocker run owasp/glue Installation & run for Development purpose git clone https://github.com/owasp/glue cd glue — […]
OpenStego is a steganography application that can be used for data hiding and watermarking. Steganography tool is mostly used by hackers to hide secret messages inside another larger and harmless looking message. Hide data: Hide data into an image Extract data: Extract data from a image Generate signature Embed watermark Verify watermark […]
Creating Your Own Google Chrome Theme Using My Chrome Theme App Search for My Chrome Theme App in the Chrome web store ( if you can’t find the app then click here to get the app) and add the My Chrome Theme App to your Browser. Wait for the app to start and then open the App. You […]