local file inclusion

A new and improved version of FOCA, version 3.0, is up for grabs! Our old post regarding FOCA can be found here.

“FOCA, which stands for “Fingerprinting Organization with Collected Archives” is an automated tool for downloading documents published in websites, extracting metadata and analyzing data. FOCA is a tool for conducting fingerprinting processes and information gathering on [...]


A bit late with this one, but the good news for Websecurify lovers is that we have Websecurify version 0.9 amongst us! Another quality release after a lot of hard work!

“Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. Websecurify is [...]


Today, we have yet another post from the InsomniaSec blog by Mr. Brett Moore titled – LFI With PHPINFO Assistance!

We all know what an LFI is. This whitepaper explains how PHPInfo() can be used to assist with the exploitation of LFI vulnerabilities on PHP when combined with the file upload handling feature that is enabled by default!

A [...]


Good news for Websecurify lovers, as we have Websecurify version 0.9Alpha1 amongst us! Another quality release after a lot of hard work!

“Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. Websecurify is a web and web2.0 security initiative specializing in [...]


Our first post regarding RIPS can be found here. A new and updated version of RIPS, version 0.40, is now available for download!

“RIPS is a static source code analyser for vulnerabilities in PHP web applications.”

This is the official change log:
Code analysis:

fixed bug with vartrace and different dependencies (if(condition) $var=1; else $var=2;)
fixed bug with string reconstruction of [...]


After almost a year, fimap has been updated to fimap alpha version 09. Our first post about fimap can be found here.
“fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql [...]


One of our favourites – w3af is now updated! We now have w3af version 1.0-rc6! We spoke about it in detail here.
“w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af [...]


Good news for Websecurify lovers, as we have an updated Websecurify version 0.8 amongst us! A stable release after a lot of hard work!

“Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.”
Download Websecurify v0.8 (Websecurify 0.8.exe/Websecurify 0.8.zip) here!
