Termux ID: Audit -->

    Social Items

Home / Audit

w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications.
The scanner is able to identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection and OS commanding.


Identify and exploit a SQL injection

One of the most difficult parts of securing your application is to identify the vulnerable parameters and define the real risk. This video shows how to easily identify and exploit SQL injection vulnerabilities. As bonus the video shows how to extract information using web application payloads.

Batteries included

Want to know more about the low-level features provided by our framework? Go through our features page in order to understand what’s under the hood.


Plugin architecture


Vulnerabilities are identified using plugins, which are short and sweet pieces of Python code that send specially crafted HTTP requests to forms and query string parameters to identify errors and mis-configurations.


Flexible

Easy to use for novice users, fully customizable for hackers and developers. We’ve built it that way.

Expert tools

Besides the automated scanning features w3af’s GUI provides expert tools which allow the advanced users to manually craft and send custom HTTP requests, generate requests in an automated manner, cluster HTTP responses and more!

More here.

w3af - Web Application Attack and Audit Framework


Find interesting Amazon S3 Buckets by watching certificate transparency logs.
This tool simply listens to various certificate transparency logs (via certstream) and attempts to find public S3 buckets from permutations of the certificates domain name.

Some quick tips if you use S3 buckets:
  1. Randomise your bucket names! There is no need to use company-backup.s3.amazonaws.com.
  2. Set appropriate permissions and audit regularly. If possible create two buckets - one for your public assets and another for private data.
  3. Be mindful about your data. What are suppliers, contractors and third parties doing with it? Where and how is it stored? These basic questions should be addressed in every info sec policy.

Installation
Python 3.4+ and pip3 are required. Then just:
  1. git clone https://github.com/eth0izzle/bucket-stream.git
  2. (optional) Create a virtualenv with pip3 install virtualenv && virtualenv .virtualenv && source .virtualenv/bin/activate
  3. pip3 install -r requirements.txt
  4. python3 bucket-stream.py

Usage
Simply run python3 bucket-stream.py.
If you provide AWS access and secret keys in config.yaml Bucket Stream will attempt to identity the buckets owner.
usage: python3 bucket-stream.py

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

optional arguments:
  -h, --help           show this help message and exit
  --only-interesting   Only log 'interesting' buckets whose contents match
                       anything within keywords.txt (default: False)
  --skip-lets-encrypt  Skip certs (and thus listed domains) issued by Let's
                       Encrypt CA (default: False)
  -t , --threads       Number of threads to spawn. More threads = more power.
                       (default: 20)

F.A.Qs
  • Nothing appears to be happening
    Patience! Sometimes certificate transparency logs can be quiet for a few minutes.
  • I found something highly confidential
    Report it - please! You can usually figure out the owner from the bucket name or by doing some quick reconnaissance. Failing that contact Amazon's support teams.

Bucket Stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs


This tool is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins. For more info click here.

Usage
$ git clone https://github.com/m4ll0k/wpsploit.git
$ cd wpsploit
$ python wpsploit.py plugin_file.php
or
$ wget https://raw.githubusercontent.com/m4ll0k/wp_sploit/master/wpsploit.py
$ python wpsploit.py plugin_file.php

Example
$ wget https://plugins.svn.wordpress.org/analytics-for-woocommerce-by-customerio/trunk/admin/class-wccustomerio-admin.php
$ python wpsploit.py class-wccustomerio-admin.php


WPSploit - WordPress Plugin Code Scanner

Subscribe to: Posts (Atom)