exploit the possibilities
Showing 26 - 50 of 250 RSS Feed

Files

Zed Attack Proxy 2.4.0 Linux Release
Posted Apr 15, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.

Changes: A new attack mode has been added. A completely new fuzzing dialog has been introduced that allows multiple injection points to be attacked at the same time. Various other updates and additions.
tags | tool, web, vulnerability
systems | linux, unix
SHA-256 | ad773f00081964afeb212862d066a18bb49f2b49541399b0034b245d1e9f7ad1
Zed Attack Proxy 2.4.0 Mac OS X Release
Posted Apr 15, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: A new attack mode has been added. A completely new fuzzing dialog has been introduced that allows multiple injection points to be attacked at the same time. Various other updates and additions.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | d8e296cc09908f7df9970ac6f701191bf7ccdff628d95194196a58689f8186be
Cookie Manager 0.5
Posted Jan 1, 2015
Authored by Doddy Hackman

Cookie Manager is a cookie stealer for XSS to find and mint cookies using PHP.

tags | tool, web, php
SHA-256 | 756e791982a5216ef6c867d101ff896b06fba5694e0cfe949c6033c90b6ab4bb
Project Kakilles 0.3
Posted Sep 17, 2014
Authored by Doddy Hackman

Kakilles is a perl script that spawns an HTTP proxy and lets you modify user-agent, content, and cookie headers.

tags | tool, web, perl
SHA-256 | d2e2153f6e4d656992f7440b3cb89926277a075073424d269287da5e78c20038
Zed Attack Proxy 2.3.1 Linux Release
Posted May 22, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.

Changes: Bug fixes.
tags | tool, web, vulnerability
systems | linux, unix
SHA-256 | 89c9d3e50ff99273c1579e1abf9894e4d2d42ebfbcc35f57d5fc35a54be4a428
Zed Attack Proxy 2.3.1 Windows Installer
Posted May 21, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.

Changes: Bug fixes.
tags | tool, web, vulnerability
systems | windows
SHA-256 | fd47a9374db59f4b3afe123975016976e532f71752fe45571336d16636ebc39a
Zed Attack Proxy 2.3.1 Mac OS X Release
Posted May 21, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Bug fixes.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | 417d9208ea3df826f3641131f0f8c2c475cf56f7926f51be1a6c8b155c06b1c9
Zed Attack Proxy 2.3.0 Windows Installer
Posted Apr 10, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.

Changes: Support for non standard apps. Input Vector scripts. More API Support. Keyboard shortcuts. New UI Options. Various other improvements and additions.
tags | tool, web, vulnerability
systems | windows
SHA-256 | 07a2506dfd6d9373dbb310c5f4e097293e9fda6957e846c06ca468f761518b57
Zed Attack Proxy 2.3.0 Linux Release
Posted Apr 10, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.

Changes: Support for non standard apps. Input Vector scripts. More API Support. Keyboard shortcuts. New UI Options. Various other improvements and additions.
tags | tool, web, vulnerability
systems | linux, unix
SHA-256 | 7e08a9430c5b13656c33cca647f31e3f33c5a0968a0d585843b858fcfbe75d33
Zed Attack Proxy 2.3.0 Mac OS X Release
Posted Apr 10, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Support for non standard apps. Input Vector scripts. More API Support. Keyboard shortcuts. New UI Options. Various other improvements and additions.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | 5894ede8bdaaf92fbf663540f2eb0ce00533ec40cad57f9fb4405e48e8492125
w3af Web Application Attack and Audit Framework 1.6
Posted Mar 31, 2014
Authored by Andres Riancho | Site w3af.sourceforge.net

w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more.

Changes: Improved performance for scans. Better documentation. Improved quality.
tags | tool, remote, web, local, xss, sql injection, python, file inclusion
SHA-256 | 006731b74f58960a1f3580194979bb988fa52df2bc92f6f36b1ce36ffcdd6003
Zed Attack Proxy 2.2.1 Linux Release
Posted Sep 11, 2013
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.

Changes: ZAP 2.2.* adds support for scripts embedded in ZAP components like the active and passive scanners. It adds support for Zest - a new security focused scripting language from the Mozilla security team. It also supports Mozilla Plug-n-Hack, various minor enhancements and lots of bug fixes. 2.2.1 includes a fix for a bug that prevented scripts working properly on Windows.
tags | tool, web, vulnerability
systems | linux, unix
SHA-256 | 784cbf65b6b585d36ed7e27d66bb266ae07931c00813f43c2f7de0e03523e5e2
Zed Attack Proxy 2.2.1 Mac OS X Release
Posted Sep 11, 2013
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: ZAP 2.2.* adds support for scripts embedded in ZAP components like the active and passive scanners. It adds support for Zest - a new security focused scripting language from the Mozilla security team. It also supports Mozilla Plug-n-Hack, various minor enhancements and lots of bug fixes. 2.2.1 includes a fix for a bug that prevented scripts working properly on Windows.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | 618057fcea78320df0acbe254d44c4f40a40b89ccb9d70ab3d0c3e02ee7ace5f
Zed Attack Proxy 2.2.1 Windows Installer
Posted Sep 11, 2013
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.

Changes: ZAP 2.2.* adds support for scripts embedded in ZAP components like the active and passive scanners. It adds support for Zest - a new security focused scripting language from the Mozilla security team. It also supports Mozilla Plug-n-Hack, various minor enhancements and lots of bug fixes. 2.2.1 includes a fix for a bug that prevented scripts working properly on Windows.
tags | tool, web, vulnerability
systems | windows
SHA-256 | f03bbb1a0b4a09fd276ae2329ddb94ff83078997c9f4f13e4b4ccdda40d22976
OWASP Xenotix XSS Exploit Framework 4
Posted Aug 16, 2013
Authored by Ajin Abraham | Site owasp.org

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 1500+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. It is incorporated with a feature rich Information Gathering module for target Reconnaissance. The Exploit Framework includes highly offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.

tags | tool, web, xss, proof of concept
SHA-256 | ec7eae73fb105951ed22898d881dae39b54e162988b8fdc8b9fc11276d59d8f0
Zed Attack Proxy 2.0.0 Windows Installer
Posted Feb 1, 2013
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.

Changes: An integrated add-ons marketplace, a new Ajax spider, Session scope, and various other features and improvements have been added.
tags | tool, web, vulnerability
systems | windows
SHA-256 | 0273201ad390567013a7d95589a6a4ca77c93de84fb049727d37f21c65a757b5
Zed Attack Proxy 2.0.0 Mac OS X Release
Posted Feb 1, 2013
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: An integrated add-ons marketplace, a new Ajax spider, Session scope, and various other features and improvements have been added.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | d091f28bd386982bd2634e3e7c5f5e630969cbbc6459cae1d41323ca641f3986
Zed Attack Proxy 2.0.0 Linux Release
Posted Feb 1, 2013
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.

Changes: An integrated add-ons marketplace, a new Ajax spider, Session scope, and various other features and improvements have been added.
tags | tool, web, vulnerability
systems | linux, unix
SHA-256 | 9df435e5920e1d2092c098a6c6d8a0fc09455ce680d9ab7312e88629f669ff6a
Multithreaded Proxy Checker
Posted Jul 22, 2012
Authored by miyachung

This php script is a small tool for performing proxy checks.

tags | web, php
SHA-256 | 335c6bc3f7508bd7388fd3b9f2a8c061fae18e1b4e0260668b4a1b074b9587a3
URLCrazy Domain Name Typo Tool 0.5
Posted Jul 19, 2012
Authored by Andrew Horton | Site morningstarsecurity.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Now supports Ruby1.9.1, CSV output, homoglyphs, shows the country for IPs.
tags | tool, web
systems | unix
SHA-256 | 744bfee0933dc8f1f2432528d5f7c5ce770416146ddc67b984b5117426e99dcd
IOSEC HTTP Anti Flood/DoS Security Gateway Module 1.7
Posted Jul 11, 2012
Authored by Gokhan Muharremoglu | Site sourceforge.net

This module provides security enhancements against (HTTP) Flood and Brute Force Attacks for native PHP or .NET scripts at the web application level. Scanning, crawling, and floor tools can be detected and blocked by this module via htaccess or iptables, etc.

Changes: Improved Implicit Deny Mode. Admin GUI Removed. Various other additions.
tags | web, php
SHA-256 | 12678f9ec1be90549e9ec56df43ef737708150240ad1ffb39db4ea94844cf7d1
Mod_auth_pubtkt 0.8
Posted Jun 28, 2012
Site neon1.net

mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.

Changes: A new option and corresponding field in the ticket ("bauth") make it possible to specify the Basic authorization username/password in the ticket (e.g., when reverse proxying to a third party system which cannot use mod_auth_pubtkt). The credentials can optionally be encrypted in the ticket.
tags | web, php
systems | unix
SHA-256 | 6243e220a650147a49269970cfc1491e6c727f6e9ef4eb34673909783bc258b2
DeXSS 1.2
Posted Jun 12, 2012
Site dexss.org

DeXSS provides a SAX2 Parser to help protect against cross site scripting (XSS) attacks. DeXSS uses TagSoup to parse potentially malformed input, followed by a SAX2 filter pipeline to remove JavaScript from HTML. You can use the DeXSS parser in place of your existing SAX2 parser, or you can use the DeXSS utility to provide a string-to-string conversion.

Changes: This release adds a CSS sanitizer, uses the OSBCP CSS Parser, canonizes CSS in @style, and attempts to remove javascript: and expression(). Inline <style> CSS is still elided.
tags | tool, web, javascript, xss
SHA-256 | 6b2ac847ccc68a5a4b369c54df3b011afeef4702562ef4d6304a3355e16ed115
Mod_auth_pubtkt 0.7
Posted Jun 4, 2012
Site neon1.net

mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.

Changes: The public key can be set per directory instead of only globally. The login URL is now optional, and a new TKTAuthBadIPURL option has been added. Furthermore, the module now compiles with Apache 2.4 and includes a Perl ticket generation module.
tags | web, php
systems | unix
SHA-256 | 8ff3de9c5acc026c6fd74fd8e599c0c2659cd29c51693dbf67a8bf8c609be94e
OWASP Mantra - Lexicon 0.91 Beta
Posted May 11, 2012
Site getmantra.com

OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the source code release.

Changes: Firefox 12 is now used as the base. NoRedirect Extension, FireEncrypter, Ra.2 XSS scanner, and more have been added. Known issues have been addressed.
tags | web
SHA-256 | 541d48c626a68f4fde63c7fca65c1f14bbaf9ece1f236099d199f6a931b408c7
Page 2 of 10
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Hot Glare Of The Spotlight Doesn't Slow BlackByte Ransomware Gang
Posted May 19, 2022

tags | headline, hacker, malware, cybercrime, fraud, cryptography
2 Vulnerabilities With 9.8 Severity Rating Are Under Exploit. A 3rd Looms
Posted May 19, 2022

tags | headline, hacker, flaw
FBI And NSA Say: Stop Doing These 10 Things That Let Hackers In
Posted May 18, 2022

tags | headline, hacker, government, usa, fbi, nsa
Your Data Is Auctioned Off Up To 987 Times A Day, NGO Reports
Posted May 18, 2022

tags | headline, privacy, data loss
Hackers Compromise A String Of Discord Channels
Posted May 18, 2022

tags | headline, hacker, data loss, fraud
April VMware Bugs Abused To Deliver Mirai Malware, Exploit Log4Shell
Posted May 18, 2022

tags | headline, malware, flaw
DOJ Says Doctor Is Malware Mastermind
Posted May 18, 2022

tags | headline, hacker, government, malware, usa, cybercrime, fraud, venezuela
President Rodrigo Chaves Says Costa Rica Is At War With Conti Hackers
Posted May 18, 2022

tags | headline, hacker, government, malware, data loss, cyberwar, cryptography
New Bluetooth Hack Can Unlock Your Tesla And More
Posted May 18, 2022

tags | headline, hacker, wireless, flaw
APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack 0-Days
Posted May 18, 2022

tags | headline, hacker, malware, cyberwar, zero day
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close