URLCrazy Domain Name Typo Tool 0.4
URLCrazy enables the study of domain name typos and URL hijacking. URLCrazy is a domain name typo generator that generates 13 types of typos, knows over 8000 common misspellings, supports multiple...
Clickjacking For Shells
Whitepaper called Clickjacking for Shells. Two years after the world was warned about clickjacking, popular web apps are still vulnerable and no web app exploits have been published. With many security...
WordPress 3.1.2 Clickjacking
WordPress versions 3.1.2 and below clickjacking exploit that was part of an OWASP presentation on September 20th, 2011 in Wellington, New Zealand.
WordPress Clickjacking
This advisory is the result of research into how clickjacking can be leveraged and is the first published clickjacking exploit against a popular web application to gain OS command execution. WordPress...
URLCrazy Domain Name Typo Tool 0.5
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain...
Username Anarchy 0.2
Username-Anarchy is for generating usernames when penetration testing. It is useful for user enumeration and username/password brute forcing. Features include format-style style username formats,...
Bing.com Hostname / IP Enumerator 0.3
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
Atlassian Confluence 4.3.5 XSS / Clickjacking
Atlassian Confluence versions 4.3.5 and below suffer from cross site scripting, cross site flashing, and insufficient framing protection vulnerabilities.
Bing.com Hostname / IP Enumerator 0.4
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
WordPress Stop User Enumeration 1.2.4 Bypass
The WordPress Stop User Enumeration plugin version 1.2.4 can be bypassed by using POST requests instead of GET requests.
NetGear DGN2200 N300 CSRF / Disclosure / Command Execution
NetGear DGN2200 N300 Wireless ADSL2+ Modem Router with firmware version 1.0.0.36-7.0.37 suffers from command injection, cross site request forgery, insecure configuration, cleartext password storage,...
WhatWeb Scanner 0.5.0
WhatWeb is a next-generation web scanner. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web...
Bing.com Hostname / IP Enumerator 1.0
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
WhatWeb Scanner 0.5.1
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web...
URLCrazy Domain Name Typo Tool 0.7.1
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain...
Bing.com Hostname / IP Enumerator 1.0.2
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
Bing.com Hostname / IP Enumerator 1.0.3
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
WhatWeb Scanner 0.5.2
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web...
WhatWeb Scanner 0.5.3
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web...
Bing.com Hostname / IP Enumerator 1.0.4
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.