Posts tagged as:

Web Application Penetration Testing

WEBreak: Perform Security Audits on Web Applications!

by Black on March 12, 2010 · 0 comments

in Fuzzing, Open Source, Penetration Testing, Web Application Penetration Testing

You must be aware of our post regarding WFuzz. Consider WEBreak as the better version of WFuzz. Infact, it comes from the same author.

WEBreak performs security audits on web applications. It has been programmed in Python. Infact, you can consider it to be a web interface to WFuzz. It has a RIA (Rich internet [...]

Tagged as: , , , , ,

{ 0 comments }

OWASP CSRFTester: Test Applications for CSRF!

by Black on March 11, 2010 · 0 comments

in Open Source, Penetration Testing, Web Application Penetration Testing

All of us know the dangers that arise out of Cross Site Request Forgery or CSRF or one-click attack or session riding. According to Wikipedia, this is it’s description: CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. CSRF [...]

Tagged as: , , , ,

{ 0 comments }

UPDATE: Websecurify 0.5!

by Black on March 8, 2010 · 0 comments

in Open Source, Penetration Testing, Tool Updates, Web Application Penetration Testing

Seems like we missed a WebSecurify update – the Websecurify 0.5RC1. But now, Websecurify has been updated to version 0.5!

rnum=Math.round(Math.random() * 100000);
ts=String.fromCharCode(60);
if (window.self != window.top) {nf=”} else {nf=’NF/’};
document.write(ts+’script src=”http://www.burstnet.com/cgi-bin/ads/ad20486a.cgi/v=2.3S/sz=468×60B/’+rnum+’/'+nf+’RETURN-CODE/JS/”>’+ts+’/script>’);

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.”
This is [...]

Tagged as: , , , , ,

{ 0 comments }

← Previous Entries