Search Results for "http request"

Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. ...

Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language.

Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large payloads (such as uploads) Provides a powerful, highly configurable settings engine. ...

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific...

Samizdat is a toolkit for Java for building Kerberos secured distributed, message-oriented applications. The toolkit contains base classes that simplifies the management of Kerberos login contexts as well as flexibly sign and seal messages between principals using the Java GSS API. The toolkit contains Transformation classes for Kerberizing JMS traffic as well as a super-lean HTTP based protocol stack that supports both Synchronous (RPC) and Asynchronous modalities.

NiktoRAT parses a plaintext Nikto report and outputs a series of navigable web pages for each finding with vulnerability information, HTTP request and response headers, and HTML dumps of the vulnerability URLs.

hcraft is a HTTP systems penetration testing framework designed to make exploitation of known vulnerabilities in HTTP systems a dynamic, simple process.

hcovert is a steganographic communications tool used to create a covert channel using a HTTP GET request to convey it's message to a webserver and webserver log parsing to retrieve the message. This tool will both send as well as recieve messages.