Malware Analysis && UnEthical Hacking
inicio hacking WiFu WiBOG MDB

HTTP

ONLINE

» Netcraft - Analyse many aspects of the internet, including the market share of web servers, operating systems, hosting providers and SSL certificate authorities.

» Sucuri - Free Website Malware and Security Scanner.

» Online Penetration Testing Tools - Is a collection of ethical hacking tools which enable you to test the security of websites and network infrastructures from a remote location.



FINGERPRINT

» HTTPRecon - Help return highly accurate identification of given httpd implementations.

» HTTPrint - Web server fingerprinting tool.



PROXY

» Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications.

» ZAP (Zed Attack Proxy) - It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications.



DIRECTORIOS

» Dirbuster - Is a multi threaded java application designed to brute force directories and files names on web/application servers.



HTTP / WEBDAV METHODS

» DAVTest - Tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target.



SCANNERS

» Admin Panel Finder - Simple tool to find admin panel.

» BeEF - The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

» Httsquash - Is an http server scanner, banner grabber and data retriever (there's a GUI interface for it). It can be used to scan large IP ranges to find networked devices or http servers.

» IIS Short Name Scanner v2.3.8 - The latest version of scanner for IIS short file name (8.3) disclosure vulnerability by using the tilde (~) character.

» Nikto - Web server scanner which performs comprehensive tests against web servers for multiple items.

» Recon-ng - Is a full-featured Web Reconnaissance framework written in Python.

» w3af - Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.

» Wapiti - Wapiti is a web-application vulnerability scanner, It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections... It use the Python programming language.

» WPScan - Is a black box WordPress vulnerability scanner.is a black box WordPress vulnerability scanner.



ATTACK

» DotDotPwn - Test Web applications against the Path Traversal vulnerability.

» EmailHarvester - Email addresses harvester.

» FileBuster - An extremely fast and flexible web fuzzer.

» Panoptic - Is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerabilities.



PLUGINS

» Firebug - helps the penetration tester understand how certain technologies and systems works and therefore he or she is able to find holes that might be able to be exploited.

» FileBuster - An extremely fast and flexible web fuzzer.

 

Mosh
@nyxbone
#MalwareMustDie

Inicio       ||       Comunidad       ||      Servicios       ||      Proyectos       ||      Hacking       ||      Contáctenos