Our first post regarding OWASP Mantra can be found here. A few days ago, an update – OWASP Mantra Security Toolkit 0.91 Beta Lexicon has been made available to us.
“OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals [...]
SQLSentinel is an openSource tool for sql injection security testing for white hats.
SQLSentinel is an opensource tool that automates the process of finding the sql injection on a website. It includes a spider web and sql errors finder. We give in input site name and
It will crawls and try to exploit parameters validation error for you. [...]
Our first post regarding Intersect, the post exploitation framework can be found here. Recently, an update – Intersect 2.5 – was made available to us!
“Intersect is a post-exploitation framework written in Python. The main goal of this project is to assist penetration testers in the automation of many post exploitation and data exfiltration tasks that [...]
Our first post regarding OWASPBWA or the OWASP Broken Web Applications Project can be found here. About two months ago, an updated version – OWASPBWA version 1.0rc1 was released!
“Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with [...]
Enema is not autohacking software. This is dynamic tool for people, who knows what to do. Not supported old database versions (e. g. mysql 4.x). Development targeted to modern versions.
We hope in new versions there are some reports and more database version added. With some support for custom plugins and known sql velnerabilities to test with.
Features of Enema:
Multi-platform.
User-friendly [...]
Our original post about winAUTOPWN can be found here. Like metasploit winAUTOPWN is regularly updated and versions are released.
“winAUTOPWN and bsdAUTOPWN are minimal Interactive Frameworks which act as a frontend for quick systems vulnerability exploitation. It takes inputs like IP address, Hostname, CMS Path, etc. and does a smart multi-threaded portscan for TCP ports 1 [...]