Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Search the Community

Showing results for tags 'v1.4.6'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Staff Control
    • Staff Announcements
  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Pentesting Zone
    • Pentesting Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Pentesting Premium
    • Pentesting Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Pentesting Zone PRIV8
    • Pentesting Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area
  • Recycle Bin
    • Recycle
  • Null3D's Nulled Group

Product Groups

  • PRIV8
  • Advertising
  • Access Basic
  • Seller
  • Services

Categories

  • Files
  • Online Book
  • Services

Categories

  • Hacking

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

Found 2 results

  1. Sqlmap v1.4.6 - automates the process of detecting and exploiting SQL injection flaws Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. Features implemented in sqlmap include: Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB database management systems. Full support for five SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query and stacked queries. Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name. It is possible to provide a single target URL, get the list of targets from Burp proxy or WebScarab proxy requests log files, get the whole HTTP request from a text file or get the list of targets by providing sqlmap with a Google dork which queries Google search engine and parses its results page. You can also define a regular-expression based scope that is used to identify which of the parsed addresses to test. Tests provided GET parameters, POST parameters, HTTP Cookie header values, HTTP User-Agent header value and HTTP Referer header value to identify and exploit SQL injection vulnerabilities. It is also possible to specify a comma-separated list of specific parameter(s) to test. Option to specify the maximum number of concurrent HTTP(S) requests (multi-threading) to speed up the blind SQL injection techniques. Vice versa, it is also possible to specify the number of seconds to hold between each HTTP(S) request. Others optimization switches to speed up the exploitation are implemented too. HTTP Cookie header string support, useful when the web application requires authentication based upon cookies and you have such data or in case you just want to test for and exploit SQL injection on such header values. You can also specify to always URL-encode the Cookie. Automatically handles HTTP Set-Cookie header from the application, re-establishing of the session if it expires. Test and exploit on these values is supported too. Vice versa, you can also force to ignore any Set-Cookie header. HTTP protocol Basic, Digest, NTLM and Certificate authentications support. HTTP(S) proxy support to pass by the requests to the target application that works also with HTTPS requests and with authenticated proxy servers. Options to fake the HTTP Referer header value and the HTTP User-Agent header value specified by user or randomly selected from a textual file. Support to increase the verbosity level of output messages: there exist seven levels of verbosity. Support to parse HTML forms from the target URL and forge HTTP(S) requests against those pages to test the form parameters against vulnerabilities. Granularity and flexibility in terms of both user’s switches and features. Estimated time of arrival support for each query, updated in real time, to provide the user with an overview on how long it will take to retrieve the queries’ output. Automatically saves the session (queries and their output, even if partially retrieved) on a textual file in real time while fetching the data and resumes the injection by parsing the session file. Support to read options from a configuration INI file rather than specify each time all of the switches on the command line. Support also to generate a configuration file based on the command line switches provided. Support to replicate the back-end database tables structure and entries on a local SQLite 3 database. Option to update sqlmap to the latest development version from the subversion repository. Support to parse HTTP(S) responses and display any DBMS error message to the user. Integration with other IT security open source projects, Metasploit and w3af. More… Changelog v1.4.6 Fixes #4220 [Hidden Content] [HIDE][Hidden Content]]
  2. pocsuite3 pocsuite3 is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many powerful features for the ultimate penetration testers and security researchers. Features PoC scripts can running with attack,verify, shell mode in different way Plugin ecosystem Dynamic loading PoC script from any where (local file, redis , database, Seebug …) Load multi-target from any where (CIDR, local file, redis , database, Zoomeye, Shodan …) Results can be easily exported Dynamic patch and hook requests Both command line tool and python package import to use IPV6 support Global HTTP/HTTPS/SOCKS proxy support Simple spider API for PoC script to use Integrate with Seebug (for load PoC from Seebug website) Integrate with ZoomEye (for load target from ZoomEye Dork) Integrate with Shodan (for load target from Shodan Dork) Integrate with Ceye (for verify blind DNS and HTTP request) Friendly debug PoC scripts with IDEs More … Changelog version 1.4.6 Fix problems with -v Fix problems that may occur when loading multiple pocs [HIDE][Hidden Content]]
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.