Section: .. / web /
| /// File Name: |
dradis-v1.2.tar.gz |
Description:
|
dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
| | Author: | etd | | Homepage: | http://dradis.nomejortu.com/ | | File Size: | 2011899 | | Last Modified: | May 7 13:42:52 2008 |
| MD5 Checksum: | 481beae4f13e322aad1066ba943aafd4 |
|
| /// File Name: |
Pound-2.4.tgz |
Description:
|
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
| | Author: | roseg | | Homepage: | http://www.apsis.ch/pound/index.html | | Changes: | Various bug fixes and enhancements. | | File Size: | 162876 | | Last Modified: | Feb 11 14:36:32 2008 |
| MD5 Checksum: | 94e4a9a0b60c5e547d81dfd62f72f9ef |
|
| /// File Name: |
dom-checker-1.00.tgz |
Description:
|
A simple utility to thoroughly validate DOM, XMLHttpRequest, and cookie security restriction handling in modern web browsers. Notable features include exhaustive hierarchy crawling, cross-domain IPC system for blind write verification, page transition checks, and more.
| | Author: | Filipe Almeida, Michal Zalewski | | Homepage: | http://code.google.com/p/dom-checker/ | | File Size: | 11631 | | Last Modified: | Jan 25 19:20:06 2008 |
| MD5 Checksum: | e28d130fba312da6a933f088e0ea34e2 |
|
| /// File Name: |
httprecon-1.3.zip |
Description:
|
httprecon is an advanced web server fingerprinting tool that makes use of nine test cases when mapping the target service. Win32 binary release.
| | Author: | Marc Ruef | | Homepage: | http://www.computec.ch/projekte/httprecon/ | | File Size: | 990438 | | Last Modified: | Dec 11 22:57:13 2007 |
| MD5 Checksum: | 4dea03e14a51c0bf95600e9eb0b0993e |
|
| /// File Name: |
cookietools-0.3.tgz |
Description:
|
cookietools is comprised of three pieces. First, the cookiesniffer, which is a simple and powerful cookie sniffer that recognizes (through heuristics) and reconstructs (through libnids) new and existing HTTP connections, parsing any valid or partially valid HTTP message. The output is a set of files containing the gathered information with time-stamps in a format that can be trivially searched and parsed with standard UNIX tools such as grep, awk, cut and sed. It supports wireless (AP_DLT_IEEE802_11) networks. Second, there is a set of bash scripts that are used to quickly analyze the logs of cookiesniffer. In addition to this, there is the cookieserver that allows you to impersonate the cookies of someone else in your browser using the logs of cookiesniffer. This attack is also called "side-jacking", "cookie replay attack" and "HTTP session hijacking".
| | Author: | Michele Dallachiesa | | Homepage: | http://xenion.antifork.org/cookietools/index.html | | File Size: | 36592 | | Last Modified: | Dec 11 22:33:48 2007 |
| MD5 Checksum: | 4cbb1095b1f842daa12d0e0ba7ddbfd4 |
|
| /// File Name: |
sqlime_source.zip |
Description:
|
SQL-Me is a Firefox Add-on tool that was designed to help test for SQL injection vulnerabilities in a given system.
| | Homepage: | http://www.securitycompass.com/ | | File Size: | 159113 | | Last Modified: | Dec 10 20:23:17 2007 |
| MD5 Checksum: | 053241d7bc2d8e479358ce27a1d418d6 |
|
| /// File Name: |
xssme_source-0.2.1.zip |
Description:
|
XSS-Me is a Firefox Add-on tool that was designed to help test for cross site scripting vulnerabilities in a given system.
| | Homepage: | http://www.securitycompass.com/ | | File Size: | 95781 | | Last Modified: | Dec 10 20:21:52 2007 |
| MD5 Checksum: | ff44ef6f4d17d86f8f18c4b344cb5dc6 |
|
| /// File Name: |
swfintruder-0.9.tgz |
Description:
|
SWFIntruder (pronounced Swiff Intruder) is the first tool specifically developed for analyzing and testing security of Flash applications at runtime. Some features include predefined attack patterns, highly customizable attacks, semi-automated cross site scripting checks, and more.
| | Author: | Stefano Di Paola | | Homepage: | http://www.mindedsecurity.com/ | | File Size: | 108777 | | Last Modified: | Dec 5 23:08:33 2007 |
| MD5 Checksum: | 24b530abb076f5682cf36581c94fd035 |
|
| /// File Name: |
stproxy-0.9.1.tar.gz |
Description:
|
stproxy is small and simple single-threaded HTTP/SSL proxy server released under the GNU General Public License (GPL). stproxy uses as little resources as possible, while still being very fast and efficient.
| | Author: | Adam Hurkala | | Changes: | Added support for HEAD method. | | File Size: | 132552 | | Last Modified: | Nov 16 02:22:26 2007 |
| MD5 Checksum: | e866b16e098629bb809e239487573f3d |
|
| /// File Name: |
w3af-beta5.tar.bz2 |
Description:
|
w3af, is a Web Application Attack and Audit Framework. The framework and the plugins are fully written in python. Each plugin will add a functionality like cross site scripting detection or SQL injection exploitation.
| | Author: | Andres Riancho | | Homepage: | http://w3af.sourceforge.net/ | | Changes: | This version implements some really interesting features like virtual daemons and w3afAgents. | | File Size: | 10275597 | | Last Modified: | Oct 22 18:08:31 2007 |
| MD5 Checksum: | e6e662fc3e221756641b6456ad008bb6 |
|
| /// File Name: |
stproxy-0.9.tar.gz |
Description:
|
stproxy is small and simple single-threaded HTTP/SSL proxy server released under the GNU General Public License (GPL). stproxy uses as little resources as possible, while still being very fast and efficient.
| | Author: | Adam Hurkala | | File Size: | 132429 | | Last Modified: | Oct 15 18:40:31 2007 |
| MD5 Checksum: | b48901b9d7df43d013353273af7e8e6a |
|
| /// Directory: |
/ pcweek / |
Description:
|
The PC Week Crack
| | Total Files: | 2 | | Last Modified: | Sep 5 23:01:02 2007 |
|
| /// Directory: |
/ httptype / |
Description:
|
httptype reads a list of http hosts and optionally the port number for each of these. It queries each host, displaying the type of HTTP server running on that host.
| | Total Files: | 4 | | Last Modified: | Sep 5 23:00:59 2007 |
|
| /// Directory: |
/ analog / |
Description:
|
Unavailable.
| | Total Files: | 1 | | Last Modified: | Sep 5 23:00:57 2007 |
|
| /// File Name: |
fscan-both.tgz |
Description:
|
Fast HTTP Auth Scanner is a new web security scanner for Windows that allows brute-force attacks against web based devices that require HTTP authentication. Source and binary included.
| | Author: | Andres Tarasco | | Homepage: | http://www.514.es/ | | File Size: | 323885 | | Last Modified: | Jul 25 00:28:45 2007 |
| MD5 Checksum: | adf7b4531948a7db469cf130dfd3ecf9 |
|
| /// File Name: |
w3af-10Jun2007.tar.bz2 |
Description:
|
w3af, is a Web Application Attack and Audit Framework. The framework and the plugins are fully written in python. Each plugin will add a functionality like cross site scripting detection or SQL injection exploitation.
| | Author: | Andres Riancho | | Homepage: | http://w3af.sourceforge.net/ | | File Size: | 9673706 | | Last Modified: | Jun 12 20:10:04 2007 |
| MD5 Checksum: | d7bd1cc6c25bf2ce71270805da9633c9 |
|
| /// File Name: |
FG-Injector-0.9a.tar.bz2 |
Description:
|
FG-Injector is a tool that leverages the pentester's work by facilitating the exploitation of SQL Injection vulnerabilities. It includes a a powerful proxy feature for intercepting and modifying HTTP requests, a network spy module to allow the analyst view HTTP requests and their corresponding responses and an inference engine for automating SQL injection exploitation. The Inference Engine Module of the FG-Injector Framework automates the generation and injection of SQL statements needed for exploitation of a Blind SQL Injection. This module will work also for regular injections using the same method. It can produce blind injections on web/app servers using MS SQL Server, MySQL, and PostgresSql DBMSs.
| | Homepage: | http://www.flowgate.net/ | | File Size: | 2107215 | | Last Modified: | Apr 20 22:57:47 2007 |
| MD5 Checksum: | bf8954ef2c77f16f70b919e7f9d813a6 |
|
| /// File Name: |
Pound-2.3.tgz |
Description:
|
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
| | Author: | roseg | | Homepage: | http://www.apsis.ch/pound/index.html | | Changes: | Added display of configuration switches. Added grace period for shutdown. | | File Size: | 154167 | | Last Modified: | Apr 12 19:16:49 2007 |
| MD5 Checksum: | 94251bfc0d38e7aa4d50bff971ddc72e |
|
| /// File Name: |
FireCat.tgz |
Description:
|
FireCat is a new Firefox Framework Map collection of the most useful security oriented extensions. It stands for FireFox Catalog of Auditing Toolbox. Included is a zip file of the extensions and a pdf that provides a diagram of everything included.
| | Author: | Security Database Team | | Homepage: | http://www.security-database.com/ | | File Size: | 83395 | | Last Modified: | Mar 20 11:14:17 2007 |
| MD5 Checksum: | f42fa4fa01b5c59bc6e75f452b057fa3 |
|
| /// File Name: |
modsecurity-apache_2.1.0.tar.gz |
Description:
|
Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
| | Homepage: | http://www.modsecurity.org/ | | Changes: | Improved performance and reduced memory consumption (200% improvement). Includes the generic Web application security rules from the Core Rules project. The manual has been extensively improved. | | File Size: | 650133 | | Last Modified: | Mar 4 04:00:21 2007 |
| MD5 Checksum: | 2e919766f2878c4ee46334816004dd15 |
|
| /// File Name: |
mod_evasive_1.10.1.tar.gz |
Description:
|
Mod_evasive is a module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive reports abuses via email and syslog facilities. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from requesting the same page more than a few times per second or making more than 50 requests with the same child per second.
| | Author: | Jonathan A. Zdziarski | | Homepage: | http://www.zdziarski.com/projects/mod_evasive/ | | File Size: | 20454 | | Last Modified: | Feb 5 13:47:38 2007 |
| MD5 Checksum: | 784fca4a124f25ccff5b48c7a69a65e5 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
