Search the Community

Showing results for tags 'blind'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
    • Moderators
    • Staff
    • Administration
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
  • Security & Anonymity
  • Operating Systems | Hardware | Programs
  • Graphic Design
  • vBCms Comments
  • live stream tv
  • Marketplace
  • Pentesting Premium
  • Modders Section
  • PRIV8-Section
  • Pentesting Zone PRIV8
  • Carding Zone PRIV8
  • Recycle Bin

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me


Location


Interests


Occupation


TeamViewer


Twitter


Facebook


Youtube


Google+


Tox

Found 13 results

  1. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Also, as part of this project, screenshots of characteristic responses for different web protection systems are being gathered (manually) for future reference. [hide][Hidden Content]]
  2. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Also, as part of this project, screenshots of characteristic responses for different web protection systems are being gathered (manually) for future reference. [hide][Hidden Content]]
  3. JSshell – a JavaScript reverse shell. This using to exploit XSS remotely, help to find blind XSS, … This tool works for both Unix and Windows operating system and it can be running with both Python 2 and Python 3. This is a big update of JShell – a tool to get a JavaScript shell with XSS by s0med3v. JSshell also doesn’t require Netcat (different from other javascript shells). New in JSshell version 2.9 Updated in the new version of JShell 2.9: New JSshell command: cookie -> allows to view the cookies of the current user who established the shell Support javascript function: Fixed some bugs [hide][Hidden Content]]
  4. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Also, as part of this project, screenshots of characteristic responses for different web protection systems are being gathered (manually) for future reference. [hide][Hidden Content]]
  5. ezXSS is an easy way to test (blind) Cross-Site Scripting. Current features Easy to use dashboard with statics, payloads, view/share/search reports and more Payload generator Instant email alert on the payload Custom javascript for extra testing Prevent double payloads from saving or alerting Share reports with other ezXSS users Easily manage and view reports in the system Search for reports in no time Secure your system account with extra protection (2FA) The following information is collected on a vulnerable page: The URL of the page IP Address Any page referer (or share referer) The User-Agent All Non-HTTP-Only Cookies Full HTML DOM source of the page Page origin Time of execution its just ez Changelog v3.6 In order to update ezXSS 3.x to 3.6 you need to rename config.ini.example to config.ini and fill in your database information. Your database information is no longer stored in the Database.php. Changelog: Fixed #56, bug on deleting reports on page 2 or up Fixed and added #55, custom send mail from Added config file Renamed some things Fixed some other small bugs [hide][Hidden Content]]
  6. XCat is a command line tool to exploit and investigate blind XPath injection vulnerabilities. For a complete reference read the documentation here: [Hidden Content] It supports an large number of features: Auto-selects injections (run xcat injections for a list) Detects the version and capabilities of the xpath parser and selects the fastest method of retrieval Built in out-of-bound HTTP server Automates XXE attacks Can use OOB HTTP requests to drastically speed up retrieval Custom request headers and body Built in REPL shell, supporting: Reading arbitrary files Reading environment variables Listing directories Uploading/downloading files (soon TM) Optimized retrieval Uses binary search over unicode codepoints if available Fallbacks include searching for common characters previously retrieved first Normalizes unicode to reduce the search space [HIDE][Hidden Content]]
  7. XCat XCat is a command-line tool to exploit and investigate blind XPath injection vulnerabilities. It supports a large number of features: Auto-selects injections (run xcat injections for a list) Detects the version and capabilities of the xpath parser and selects the fastest method of retrieval Built-in out-of-bound HTTP server Automates XXE attacks Can use OOB HTTP requests to drastically speed up retrieval Custom request headers and body Built-in REPL shell, supporting: Reading arbitrary files Reading environment variables Listing directories Uploading/downloading files (soon TM) [HIDE][Hidden Content]]
  8. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Also, as part of this project, screenshots of characteristic responses for different web protection systems are being gathered (manually) for future reference. [HIDE][Hidden Content]]
  9. [HIDE][Hidden Content]]
  10. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Also, as part of this project, screenshots of characteristic responses for different web protection systems are being gathered (manually) for future reference Changelog v1.0.124 Adding support for Kuipernet [HIDE][Hidden Content]]
  11. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Changelog v1.0.123 Update (Hello from Hyundai) [HIDE][Hidden Content]]
  12. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 60 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. [HIDE][Hidden Content]]
  13. identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. The blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. [Hidden Content] AND 2>1). Currently, it supports more than 60 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing. Also, as part of this project, screenshots of characteristic responses for different web protection systems are being gathered (manually) for the future reference. Changelog v1.0.118 Adding signatures for new WAF (Wapples) [HIDE][Hidden Content]]