Exploits

Finding the right exploit code

I am often looking for the right exploit code, to test and learn from in a lab setting, adapt and use during a penetration test, or to help determine the risk level of a finding during a risk assessment. An exploit is a small program, which exploits a specific vulnerability present in a software program. It […]

Pentests

BugBounty — “User Account Takeover-I just need your email id to login into your shopping portal account”

Hi guys, a pending writeup about a very simple and yet critical vulnerability by which I was able to take over any user account in a popular online shopping portal. Let’s see what was the complete scenario — The most crucial part in software development when it comes to security is the integration. Majority of security […]

Tools

Wapiti – The Black Box Vulnerability Scanner for Web Applications

Wapiti is an open source tool that scans web applications for multiple vulnerabilities including database injections, file disclosures, cross-site scripting, command execution attacks, XXE injection, and CRLF injection. The database injection includes SQL, XPath, PHP, ASP, and JSP injections. Command execution attacks include eval(), system(), and passthru() vulnerabilities. Besides identifying the aforesaid vulnerabilities, […]

Tools

Sitadel – An Open Source Tool for Finding Web Application Vulnerabilities

Sitadel is a Python-based web application scanner. It’s flexible and has many different scanning options. It can get a full fingerprint of a server and brute-force directories, admin pages, files, etc. It can also search for injection-type attacks (sql, html, xss, rfi, ldap and more), other information disclosures and popular vulnerabilities. Installing Sitadel […]