Category Archives: Vulnerabilities & attacks

SecGen – Create Randomly Insecure VMs

Security Scenario Generator (SecGen) generates randomised vulnerable systems. VMs are created based on a scenario specification

idb – iOS App Security Assessment Tool

idb is a tool to simplify some common tasks for iOS app security assessments and research. To illustrate the features of idb, the screenshots

AuthMatrix – Burp Extension to Test Web Authorization

AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With this burp extension

php-malware-finder – Detect Potentially Malicious PHP

PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/ webshells.

w3af – Web Application Attack and Audit Framework

w3af is a not a standard web application scanner but it is an advanced framework that may allow penetration tester to make automated

Param Miner – Burp Extension for Web Cache Poisoning

Param Miner is a burp extension that identifies hidden, unlinked parameters. It’s particularly useful for finding web cache poisoning vulnerabilities.

HTTP Request Smuggler – Burp Plugin to Scan for Smuggling

HTTP Request Smuggler is an extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks, originally