top of page
Search
Spaghetti – An Open Source Web Application Security Scanner
Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files, configurations and...
Why use Node.js?
JavaScript’s rising popularity has brought with it a lot of changes, and the face of web development today is dramatically different. The...
How to check if a website is safe or not?
In this modern era where cyber attacks are most prominent,there is definitely a need to ensure how safe a website is? Internet, it is...
CarbonCopy : A Tool Which Creates A Spoofed Certificate of Any Online Website
CarbonCopy is a tool which creates a spoofed certificate of any online website. As the Internet users growing day by day, simple methods...
Man-in-the-Middle Attack on SSL
HTTP vs HTTPS? Instead of HyperText Transfer Protocol (HTTP), this website uses HyperText Transfer Protocol Secure (HTTPS). Using HTTPS,...
The DROWN Attack
DROWN stands for 'Decrypting RSA using Obsolete and Weakened Encryption'. In short what this means is that TLS connections to a large...
HTTPS Spoofing – How Phishing Websites Use HTTPS to Fool Mobile Users
As a safeguard against the activities of fraudsters and malicious actors who engage in email phishing, social engineering scams,...
Brutespray – Port Scanning and Automated Brute Force Tool
BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even...
Sublist3r - Enumerate subdomains of websites
About Sublist3r Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug...
Test and Prevent JS Injection Attacks on Website
What is Javascript Injection? Javascript is one of the most popular technologies and is most widely used for web pages and web...
What is Remote File Inclusion (RFI)?
Remote File inclusion (RFI) refers to an inclusion attack wherein an attacker can cause the web application to include a remote file by...
What is Local File Inclusion (LFI)?
Local File inclusion (LFI), or simply File Inclusion, refers to an inclusion attack through which an attacker can trick the web...
WebKiller - Tool Information Gathering Write With Python.
Install git clone https://github.com/ultrasecurity/webkiller.git cd webkiller pip install -r requirements.txt python webkiller.py Video...
Warchild - Analysing strength of your website against different kinds of denial of service attacks
Warchild is a denial of service testing suite made for analysing the strength of your website against different kinds of denial of...
Advanced Backdoor Obfuscation and Evasion Technique
Cyber criminals are using the most sophisticated techniques to bypass the security controls in various organization such as IT, medical,...
LinkFinder - A Python Script That Finds Endpoints In JavaScript Files
LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and...
Photon - Incredibly Fast Crawler
Photon is a lightning fast web crawler which extracts URLs, files, intel & endpoints from a target. Yep, you can use 100 threads and...
SQL INJECTION
A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A...
CROSS ORIGIN RESOURCE SHARING
Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell a browser to let a web application running...
CROSS SITE SCRIPTING
Cross-site scripting (XSS) is a code injection attack that allows an attacker to execute malicious JavaScript in another user's browser....
bottom of page