Category Archives: Web Security

NAXSI – Low Rules Maintenance WAF for NGINX

NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms.

WebGoat – A Deliberately Insecure Web Application

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration

Param Miner – Burp Extension for Web Cache Poisoning

Param Miner is a burp extension that identifies hidden, unlinked parameters. It’s particularly useful for finding web cache poisoning vulnerabilities.

HTTP Request Smuggler – Burp Plugin to Scan for Smuggling

HTTP Request Smuggler is an extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks, originally

Betwixt – Web Debugging Proxy Based on Chrome DevTools

Betwixt is a tool that will help in analyzing web traffic outside the browser using familiar Chrome DevTools interface.This will be useful when the user

Vega – Web Security Testing Platform

Vega is a free and open source web security scanner and web security testing platform to test the security of web applications.

N-Stalker X – Next Generation Web Application Scanner

N-Stalker Web Application Security Scanner X is a sophisticated Web Security Assessment solution incorporating the well-known