Search Results for "vulnerable"

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. When security vulnerabilities or misconfigurations are actively exploited by attackers, organizations need to react quickly in order to protect potentially vulnerable assets. As attackers increasingly invest in automation, the time window to react to a newly released, high severity vulnerability is usually measured in hours. This poses...

Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to not store secrets in your software. Each of these examples is captured in a challenge, which you need to solve using various tools and techniques. Solving these challenges will help you recognize common mistakes & can help you to reflect on your own secrets management strategy.

... OpenJDK 16 (Not Oracle's J2RE 1.8) to run. Install, for example, AdoptOpenJDK for Windows. NOTE: By using encryption twice the implementation is (in theory) vulnerable to Meet-In-The-Middle attack reducing key size to 256bit but the attack still requires 2^256 bytes of memory making it impossible in practice.

Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible...

This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects...

L337 Scanner is powerful vulnerability scanner.It has both community edition and professional edition. Community edition is free for all. Community edition has only sqli scanner. which means through community edition you can scan a target site for sql injection vulnerability or search google for sqli vulnerable site. Requirements : 1. Java 8 or higher (oracle recommanded) Rules : 1. Don't give trailing slash 2. Put link with protocol like http,https Test Example : 1. http...

Network Spoofer lets you change websites on other people’s computers from an Android phone. After downloading simply log onto a Wifi network, choose a spoof to use and press start. Please note that there is no intention for Network Spoofer to include any malicious features. This application is a fun demonstration of how vulnerable home networks are to simple attacks, with permission of the network owner - DO NOT attempt to use Network Spoofer on any corporate or other non-residential networks...

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via...

Web Scanner is a command-line program that is designed to scans web servers to find default and potentially vulnerable web pages. 2.0 - Java, 1.3 - Perl Web scanner supports both HTTP and HTTPS protocols and can be configured to use custom data files.

JHoney is a honeypot tool for Linux written in Java. It simulates vulnerable net services to trick an attacker or trojan to attack them. The attacker IP is blocked once a service is attacked, and then the intruder cannot attack for example webservers.

Vulnerable Analysis and Management System is vulnerable scan software that control by central database server using Oracle, MySQL, PostgreSQL, etc.