Pythem is a network and web applications penetration testing framework that can perform various penetration tests, … [Read More...]
Featured Articles
How To Use Noisy To Hide Your Browsing Habits
We’ve explored several tools on previous tutorials, which allow you to protect your browsing data from others through … [Read More...]
Arachni Scanner –Web Applications Security Evaluation Framework
Arachni is an open source framework that is used to evaluate the web applications security by performing active and … [Read More...]
Latest Blog Updates
Loading...Pythem –Web and Network Applications Penetration Testing Framework
Pythem is a network and web applications penetration testing framework that can perform various penetration tests, divided into following categories Network MITM and DoS Exploitation and Reverse Engineering Bruteforce Generic Utilities Network MITM and DoS covers various attacks against networks and web applications including scanning, traffic sniffing, traffic redirecting, data analysis, spoofing, webcrawl, and denial of service attacks. Spoofing attacks include ARP spoofing, DNS spoofing, and DHCP spoofing. Scanning feature allows scanning the networks and applications to gather information … [Read More...]
How To Use Noisy To Hide Your Browsing Habits
We’ve explored several tools on previous tutorials, which allow you to protect your browsing data from others through the use of VPNs. They help us by allowing all traffic to be rerouted somewhere else; therefore all traffic we generate will look as if coming from another location, wherever our VPN server is located at. Now, we’re going to take a different approach. In this tutorial we will discuss how we can use automated tools that generate random traffic from our host computer. For this, we will look at Noisy. A Python script created by Github user 1tayH, that generates random HTTP(S) and DNS … [Read More...]
Arachni Scanner –Web Applications Security Evaluation Framework
Arachni is an open source framework that is used to evaluate the web applications security by performing active and passive security analysis. The active security checks include detection of SQL injection, blind SQL injection, NoSQL injection, CSRF detection, code injection, LDAP injection, path traversal, OS command injection, XPATH injection, remote file inclusion test, XSS, and DOM XSS attacks analysis. The OS command injection is analyzed against nix, BSD, IBM AIX, and Windows system. The XPATH injection analysis is performed for Generic, PHP, dotNET, Java, and libXML2 scripts. Similarly in the passive … [Read More...]
W3af –Web Applications Security Auditing Framework
W3af is an open source framework used for testing web applications security. The framework is capable of detecting more than 200 vulnerabilities. Some of these include SQL injection, Buffer overflow vulnerabilities, CSRF, LDAP injection, Cross Site Scripting (XSS), Xpath injection, eval () injection, OS commanding, local file inclusion, remote file inclusion, and discovery of sensitive data. W3af analyzes these vulnerabilities by using built-in plugins. W3af Installation All W3af versions are supported by Linux and MAC OS. However, the Windows users can only use the older versions of W3af as there is no … [Read More...]
Vega –Web Applications Scanner with Proxy Features
Vega is a GUI based open source tool used for analyzing vulnerabilities in web applications. The tool has two main functionalities i-e Scanner and Proxy. The scanner automatically fetches links from web applications to test the vulnerabilities. Vega uses two types of modules to perform the vulnerabilities assessment. These are called Injection modules and Response processing modules. The Injection modules include blind SQL injection, XML injection, HTTP trace probes, Local File Inclusion (LFI), Remote File Inclusion (RFI), Shell injection checks, HTTP header injection, OS command injection, blind XPath … [Read More...]
Like Us On Facebook
Become a Member
