Web Hacking Tools,web hacking tricks

Tools

If you do Web application security assessments, this page is for you. We've gathered all of the tools and techniques discussed inHacking Exposed: Web Applications (that we use every day as consultants) and cataloged them here. This is an abbreviated recitation of Appendix B in the 2nd Edition, with live hyperlinks for easy access. Keep your eyes on this space as we post custom scripts and tools from the authors!
Nish Bhalla's secret.dll and secret.htm are provided here as examples to help interested readers follow along with the 2nd Edition section "An Example of Binary Analysis" starting on page 416.
SQL Injection
SQL Power Injector by Francois Larouche
Bobcat (based on "Data Thief" by Application Security, Inc.).
Absinthe - free blind SQL injection tool
SQLInjector by David Litchfield
NGS Software database tools
Cross-Site Scripting (XSS)
RSnake's XSS Cheat Sheet
XSS-Proxy
Firefox Extensions for HTTP Analysis
LiveHTTP Headers
Tamper Data
Modify Headers
Command-line HTTP/S Tools
cURL
Netcat 
Sslproxy
Openssl 
Stunnel 
Profiling
HTTPrint for fingerprinting web servers
Jad, the Java Dissasembler
Google search using "+www.victim.+com"
Google search using “parent directory” robots.txt

0 comments:

Post a Comment

 
Copyright © . Raikay Comunity - Posts · Comments
Theme Template by Raikay LiOns · Powered by SmsTiny