open-labs.png

httptraceroute02.tar.gz HTTPTRACEROUTE: HTTP based traceroute PoC.

sqlibf113b2.tar.gz SQLIBF: Tool for automatizing the work of detecting and exploiting SQL Injection vulnerabilities. SQLibf can work in Visible and Blind SQL Injection. It works by doing simple logic SQL operations to determine the exposure level of the vulnerable application.

crazy_encoder3.tar.gz CRAZY_ENCODER: Miscellaneous HTTP encodings calculator. (Win32 + MFC gui)

gzip_encoding01.tar.gz GZIP_ENCODING: Command line tools for simple manipulation of Gzip Encoded HTTP transfers.

iisbruteforcer15.tar.gz IISBF: HTTP authentication cracker. It's a tool that launchs an online dictionary attack to test for weak or simple passwords against protected areas on an IIS Web server.

metoscan05.tar.gz METOSCAN: Simple tool for scanning the HTTP methods supported by a Web server. It works by testing a URL and checking the responses for the different requests.

easy_scraper02.tar.gz EASY_SCRAPER: Simple, easy and dirty perl based Web Data Scraper. It works by querying a Website multiple times and copying returned content to generate a custom database. (Perl + 1337 Tk gui)

hacker_webkit02.tar.gz HACKER_WEBKIT: Pack of scripts useful for doing pentesting in a wide range of Web servers. Each module includes 3 components: Command execution, Directory browsing and File uploading. Current modules are: ASP, CFM, EXE, JSP, PHP, PL, SERVLET and SH.

ecoscan04.tar.gz ECOSCAN: Simple tool for scanning the HTTP encodings supported by a Web server. It works testing a URL and checking the responses for the different probes.

dirb204.tar.gz DIRB: Tool for doing Web Scanning by looking for hidden Web Objects. It works by launching a dictionary attack against a Web server and analizing the responses. DIRB main purpose is to help in Web application security auditing.

ob-session04.tar.gz OB-SESSION: HTTP session cookie analyzer script. It does some tests over the session identifiers and calculate the linear correlation between the different IDs. This gives an approximation to the strength of the cookie against cookie prediction attacks.

darkraver()open-labs#org