Articles in the Tools category

One of the main issues people face in web application based organizations is the channel of communication between the security team and developers. This often involves lengthy steps for reproduction of vulnerabilities. Often times these are tedious to follow let alone repeat multiple times for the pentesters. So, I was …


I recently had the necessity to test multiple flash files for XSS. Flashbang is an awesome tool for this kind of work. Since Flashbang needs a browser to run, the only way to automate it for multiple files is to use a headless browser like PhantomJS. So, it was easy …


Crawler for NMDC networks [Tools]

What is the meaning of a crawler in a file sharing network? Very simple for me. Something that collects all the files that are shared by clients on that dc network. But collecting all the shared files is a huge task. So, I reduced my task to just collecting metadata …


Plug-n-Hack support in OWTF [Tools]

Plug-n-Hack (PnH) is a proposed standard from the Mozilla security team for defining how security tools can interact with browsers in a more useful and usable way. More info about PnH can be found in this blog post.

The interesting thing is that OWTF now supports this standard and below …


Skipfish through a proxy [Tools]

My recent use of skipfish for benchmarking some proxies left me searching for a way to route skipfish requests through a proxy server. After searching the web for few frantic moments, I understood that there are two approaches to solve this problem.

  1. To recompile skipfish after enabling the proxy feature …


Page 1 / 2 »

Categories
Tags
Author