Category Archives: Vulnerabilities & attacks

AuthMatrix – Burp Extension to Test Web Authorization

AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With this burp extension

php-malware-finder – Detect Potentially Malicious PHP

PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/ webshells.

w3af – Web Application Attack and Audit Framework

w3af is a not a standard web application scanner but it is an advanced framework that may allow penetration tester to make automated

Param Miner – Burp Extension for Web Cache Poisoning

Param Miner is a burp extension that identifies hidden, unlinked parameters. It’s particularly useful for finding web cache poisoning vulnerabilities.

HTTP Request Smuggler – Burp Plugin to Scan for Smuggling

HTTP Request Smuggler is an extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks, originally

OWASP Mutillidae II – Another Vulnerable Web-application

OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast.

bypass-firewalls-by-DNS-history – Tool to Bypass Firewalls

bypass-firewalls-by-DNS-history is a bash script (ab)uses DNS history records. This script will search for old DNS A records and check if the server..