PHP Vulnerability Hunter
|A sophisticated white box fuzzer that scans PHP applications for several different classes of vulnerabilities using static and dynamic analysis. By instrumenting application code, PHP Vulnerability Hunter is able to achieve greater code coverage and uncover more bugs.
SnappingTurtle: A Web Exploitation Tool
|A cross platform web exploitation tool written in Aphid and compiled into Python. Currently supports exploitation of PHP local file inclusion and SQL injection.
Aphid Programming Language
|A hacker-friendly, multiparadigm language intended to be embedded in .NET applications or compiled into other languages like Python or PHP. The internals of Aphid are clean and easy to work with, allowing for rapid creation of derivative domain-specific languages.
|FuzzTalk is an XML driven fuzz testing framework that emphasizes extensibility and reusability. While most fuzzing frameworks require in depth programming knowledge, FuzzTalk can test a wide range of network protocols by using simple XML templates. Includes example scripts for fuzzing HTTP, FTP, and SMTP servers.
|Create memory corruption exploits with this position independent shellcode for the 32-bit Windows platform.
|Exploit the legendary Heartbleed vulnerability with this easy to use tool.
|HTTP Bog is a slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses.
HTTP Directory Traversal Scanner
|Detect directory traversal vulnerabilities in HTTP servers and web applications with this free tool.
Fiddler XSS Inspector
Search for vulnerabilities in web applications
using Fiddler XSS Inspector to detect both
reflected and persistent cross-site scripting
Fiddler XSRF Inspector
|This inspector plugin will help you easily create proof of concepts using requests captured by Fiddler.
Copyright © 2016 AutoSec Tools LLC