导航

Web安全手册

分享本身就是件快乐的事 我因别人得到帮助而感到幸福

[置顶] 悲剧啊

[置顶] 技术过关游戏

[置顶] 免责声明 & 文章投递

WebCruiser - Web Vulnerability Scanner V1.3.1.0306 Released

WebCruiser - Web Vulnerability Scanner V1.3.1.0306

webraider

(source code and binaries are available)

Acunetix Web Vulnerability Scanner 6.5 Build 2010_02_10 Enterprise Version

Acunetix Web Vulnerability Scanner 6.5 Build 2010_02_10 Enterprise Version & Crack Patch

Portable Acunetix Web Vulnerability Scanner Enterprise Edition v6.5 build 20100210

#Trace: 今天在Pst聚合上看到一个Acunetix Web Vulnerability Scanner v6.5 build 20100210的补丁,在网上没找到安装包,问了几个人也没问到,找到一个便携版的,在vmware里试了下,可以升级。源地址被墙,已经上传到Rapidshare上。

NoMore AND 1=1 - Web Application Testing Tool released

containing a large categorized list of useful expressions to inject in
his day to day duties . Those expressions come from guys like Ferruh
Mavituna, Hack.ers, etc (all credited in the sources) and personal
experience.

asprootkit

是学习wmi的练手作品,专门为管理员身份下运行设计的,普通的IISUSER身份下无法正常运行。如果你提权加上了用户,却因为种种原因,暂时进不了终 端什么的,可以传这个shell到服务器上,做一些猥琐的事。有的时候在shell下操作也是很方便的哦

你可能会问了,这个跟海洋的以管理员身份登陆有什么区别?海洋毕竟不是专门为这种环境设计的。而且熟悉IIS权限机制的同学都应该知道,普通的 webshell,就算用管理员身份登陆了,执行命令还是应用程序池的身份。而这个shell,无论任何操作,包括运行程序,都是以你登陆用户的身份

ASP连接任何数据库的脚本

前段时间研究DB2、SYBASE、ORACLE,某些特定情况需要ASP来连接。写了一个ASP。来连接数据库。而且还可以根据查询语句做相应输出。对于某些“商业间谍”来说。简直就是居家旅行必备。只不过效率太低了。查询几百万条的数据。那个慢啊。要是碰到多表关联的。很容易超时。所以查询之前根据语句先建立个索引。可以极大提高效率。然后再分页输出。然后再XXXXX。

OWASP Code Crawler 2.5 Released

OWASP Code Crawler is a .NET Windows Forms application built using Microsoft .NET C#, XML, Linq and few third parties open source components. Its development started in fall 2007 as a very simple prototype from a mail conversation between me (Alessio Marziali) and Eoin Keary (Code Review Project Leader and Board Member). Eoin spotted the hidden power of this tool and asked me if I could be interested in converting it to open source. Thrilled by the idea of joining OWASP, few months later Code Crawler became an official OWASP Project.

Toolza 1.0 by Pashkela

Toolza 1.0 by Pashkela [BugTrack Team] © 2009 (greets to forum.antichat.ru)

 

WebCruiser - Web Vulnerability Scanner V1.0 中英文版

WebCruiser - Web Vulnerability Scanner V1.0 中英文版

Burp Suite v1.3 released

Burp Suite is a Java application, and runs on any platform for which a Java Runtime Environment is available. It requires version 1.5 or later. The JRE can be obtained for free from

http://java.sun.com/javase/downloads/index.jsp

计算机反COFEE取证工具-DECAF

反取证软件DECAF(全名是Detect and Eliminate Computer Assisted Forensics,检测和清除计算机法庭科学证据提取器)。DECAF程序只有181KB,它能删除COFEE的临时文件,杀死其进程,抹掉COFEE 的所有log,禁用USB,为了让COFEE无法追踪它甚至能制造出多种多样的欺骗性的MAC地址。需要提醒的是,DECAF没有提供源代码,所以我们并 不知道它到底对计算机干了什么。DECAF的开发者声称,未来的版本将允许电脑用户通过电子邮件或短消息远程关闭电脑,如果探测到电脑落入执法机关之手的 话。如果情况紧急它还能向同伴发出警告通知。

MD5Seacrh v1.8 by mass

Md5 cracker online

WinScanX - A free Windows enumeration tool and a must have for any security professional

WinScanX was released today. A Windows command-line enumeration tool plus an optional GUI front-end. A must have for any security professional.

SSHatter

Password brute forcer for SSH.

分页:«123456789»

Powered By Z-Blog .Theme from Google黑板报 By Washun

Copyright 2008-2009 Pcsec.org. Some Rights Reserved.苏ICP备08110306号