Google Chrome Add-ons for Web App Hackers

Up until now, there have not been as many Chrome extensions for Web App Penetration Testing as there are Firefox ones. Thus, this cannot be a comprehensive list. Help by posting your favorite add-ons in the comment section. Thank you. RECONNAISSANCE Web Technology...

HTTP Header Abuse Check - test online

Usage: header_options.php?host=xxxxx.com
URL: http://yehg.net/pentest/header_options.php
Example: http://yehg.net/pentest/header_options.php?host=allinonehack.c...

Cross-Site Framing Vulnerability Test

Similar Terms: Cross (Site) Frame Scripting, ClickJacking, UI Redressing, CSS Overlay. The requested URL is loaded in an iframe tag. http://yehg.net/pentest/cross_site_framing.php Sour...

Cross Site Request Forgery - online test

Test if your site is vulnerable to Cross Site Request Forgery: http://yehg.net/pentest/cross_site_request_forgery.php Sour...

inspathx [Internal Path Disclosure Finder]

Description: A tool that uses a local source tree to make requests to the URL and searches for error messages such as path inclusion and exception errors. Path disclosure has always been a common problem in PHP web applications, and one that we hate to see. We hope that, with this tool, path disclosure flaws are no longer triggered. See our article about path disclosure. Source...

JHijack v.02 beta - A simple Java Fuzzer

Description: A simple Java Fuzzer mainly used for numeric session hijacking and parameter enumeration. Requirement: JRE/JDK 1.4 or above. Demonstrations: Session Hijacking, Blind SQL Injection, HTTP Form Brute Forcing. Documentation: aldeid.com Source and Downloa...

Joomla! Security/Vulnerability Scanner

Description: A vulnerability scanner that can detect file inclusion, SQL injection and command execution vulnerabilities of a target Joomla! web site. Requirements: Perl. Database updates are currently taken care of by the WebCenter Team from Slovenia. You can get updates at http://web-center.si/english How to use Source and dow...

Virtual Hacking Lab

A mirror of deliberately insecure applications and old software with known vulnerabilities. Used for proof-of-concept, security training and learning purposes. Available as virtual images, live ISO or standalone formats. Virtual Hacking Lab Web Site Source and download guide Learn Ethical Hacking :...

Mobile security testing live environment

This project was a DARPA CFT funded project that is now being released through OWASP. It is focused on providing a live environment for mobile security testing, forensics, reverse engineering and wireless analysis. Source and downlo...

Matriux is a GNU/Linux, Debian based security distribution

Matriux is a GNU/Linux, Debian based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, but it can also be used normally as your default OS. It is a fully featured security distribution based on Debian consisting of a powerful...

All you need, when you need - tools, must copy ...

Source and credit to Link. All you need, when you need.

Anonymous: Anonnews anonyops communications, anony0ps, anony0ps news, the wiki leaks forum

Blogs: Carnal0wnage, McGrew Security, Blog | GNUCITIZEN, Darknet, spylogic.net, TaoSecurity, Room362.com, SIPVicious, PortSwigger.net, Blog - pentestmonkey.net, Jeremiah Grossman, omg wtf bbq blog c22.cc, SkullSecurity, Metasploit, Security and Networking, Skeptikal.org, Digital...