web security

Our first post regarding Mutillidae can be found here. A few hours ago an update – Mutillidae version 2.1.19 – was released.

“Mutillidae is a free, open source web application provided to allow security enthusiasts to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMPP making [...]

Our first post regarding OWASP Mantra can be found here. A few days ago, an update – OWASP Mantra Security Toolkit 0.91 Beta Lexicon – was made available to us.

“OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals [...]

Our first post regarding Mutillidae can be found here. A few days ago an update – Mutillidae version 2.1.18 – was released. We seem to have missed a lot of updates about this tool, but we plan to correct it.

“Mutillidae is a free, open source web application provided to allow security enthusiasts to pen-test and [...]

Our first post regarding Mutillidae can be found here. A few days ago an update – Mutillidae version 2.1.17 – was released. We seem to have missed a lot of updates about this tool, but we plan to correct it.

“Mutillidae is a free, open source web application provided to allow security enthusiasts to pen-test and [...]

We have been covering most of the interesting web shells that we are aware of. 12309.php (yes, this is the name!) caught our attention for a number of reasons. Before we get to those, feel free to read about two of our favourite stealth PHP backdoors – weevely and WeBaCoo.
So, 12309.php is an advanced webshell with the main [...]

Our first post regarding WeBaCoo can be found here. A few minutes ago, an update – WeBaCoo version 0.2.3 – was released.

“The WeBaCoo (Web Backdoor Cookie) script-kit is a tiny stealth PHP backdoor that is capable of providing a “pseudo”-terminal connection on a remote web server injected with a chunk of malicious PHP code. It does so [...]

Hardanger is an open source web application penetration testing platform. The project aims to bridge the gap between the current open source web application testing tools commonly used in Linux environments and bring a similar open source state of the art tool to native Microsoft Windows based platforms. Hardanger aims to deliver a user-friendly experience for [...]

Our first post regarding DotDotPwn can be found here. Now, the author has released an update – DotDotPwn version 3.0!

“DotDotPwn is a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc. Also, it has a protocol-independent module to send the desired [...]
