Search Results for "attack"

...Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

If you are a developer, you can use Tamper Dev to debug your websites, or if you are a pentester, you can use it to search for security vulnerabilities by inspecting the HTTP traffic from your browser. Unlike most other extensions, Tamper Dev allows you to intercept, inspect and modify the requests before they are sent to the server. This extension provides functionality similar to Burp Proxy, MITM Proxy, OWASP ZAP, Tamper Data, and Postman Proxy, but without the need of additional software,...

The goal of this project is to build an add-on for browser that passively audits the security posture of the websites that the user is visiting. Assume that the tool is to be used on non-malicious websites, currently not under attack or compromised. Add-on wants to report security misconfigurations, or failure to use best security practices. - Add-on tries to analysis the commonly vulnerable setting of servers: lack of use of security-relevant headers, including: - strict-transport-security - x-xss-protection - content-security-policy - x-frame-options - x-content-type-options It is available for Opera Beta and Developer browser - https://bit.ly/2TvvFw4