Search Results for "injection"

vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and vulnerability scanning of the target like subdomains, IP addresses, country, org, timezone, region, and more. ...

EXITO, the EXercise event Injection TOolkit, has been developed in order to help the moderators of large scale, multi-party exercises. It has been designed as a communication and coordination tool to keep in track the execution of complex exercises with large number of injects and players. It enables the exchange of events and reports among users by managing a Master Event List (MSEL); massively injecting events; and collecting feedback from the exercise players.

...Section 1 consists of special web applications that are designed especially to teach the basics of Web Security. This seciton will cover XSS CSRF RFI & LFI BruteForce Authentication Directory/Path traversal Command execution SQL injection Section 2 is a collection of dileberately insecure Web applications. This section provides a legal platform to test your skills and to try and exploit the vulnerabilities and sharpen your skills before you pentest live sites. We would advice newbies to try and exploit these web applications. These applications provide real life environments and will boost their confidence.

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

VAP (Vulnerable Application Project) is a small, free and open source deliberately vulnerable web-application that aims to be a learning platform for IT- security professionals and developers to create more secure applications. Developers can analyze the code manually, pentesters can test their skills.