Search Results for "vulnerable"

...Written in the Go programming language, it focuses on speed and efficiency when executing advanced search queries across multiple search engines. It allows users to run specialized queries, often referred to as “dorks,” to discover publicly exposed data, misconfigurations, or potentially vulnerable resources. It supports several major search engines and enables users to switch between them depending on the target or query requirements. go-dork can retrieve results from multiple pages of search results and process them sequentially for broader coverage during scans. go-dork also supports custom HTTP headers and proxy configuration, which can help users work around restrictions such as captchas or filtering mechanisms. ...

...It uses an automated crawling engine that continuously scans a target application, collects forms and endpoints, and evaluates them for potential CSRF weaknesses. XSRFProbe performs numerous systematic checks to determine whether a web endpoint is vulnerable, including inspection of anti-CSRF tokens, cookie validation behavior, and request forgery scenarios. It also analyzes the strength and randomness of security tokens using algorithms such as entropy calculations to determine whether tokens can be predicted or forged. When a vulnerability is discovered, it can automatically generate proof-of-concept payloads that demonstrate how the flaw could be exploited in a real attack scenario. ...

SQLiv is a command-line security tool designed to identify SQL injection vulnerabilities in web applications through automated scanning techniques. Written primarily in Python, the project focuses on discovering potentially vulnerable web pages by analyzing URLs that contain database query parameters. It can perform large-scale scanning by using search engine queries known as SQL injection dorks to collect candidate websites and then test them for vulnerabilities. In addition to bulk scanning, SQLiv supports targeted analysis of specific domains or individual URLs, allowing security researchers to focus on particular web applications. ...

...It focuses on demonstrating and testing the flaw rather than being a general-purpose security toolkit, which makes the code approachable for learning and auditing. The project illustrates how a malformed heartbeat request could coax vulnerable servers into leaking memory contents, including potentially sensitive data. Because it’s small and self-contained, it’s often used as a reference to understand the vulnerability mechanics without wading through large codebases. The repo also serves as a historical snapshot of a watershed moment in modern Internet security and the practical lessons it forced the industry to learn. ...

exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques This is a fully functional web site with a content management system based on fckeditor. You can download it as source code or a pre configured