SkipFish – Web Application Security Scanner

SkipFish is a fully automated, active web application security reconnaissance tool. Key Features: High Speed: Pure C code, highly optimized HTTP handling, minimal CPU footprint – easily achieving 2000 requests per second with responsive targets. Ease of Use: Heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly […]

Continue Reading

finddomains – Discover Domains by IP Address, Hosts

FindDomains is a multithreaded search engine discovery tool that will be very useful for penetration testers dealing with discovering domain names/web sites/virtual hosts which are located on too many IP addresses. Provides a console interface so you can easily integrate this tool to your pentest automation system. It retrieves domain names/web sites which are located […]

Continue Reading

Symantec Online Store Hacked

Symantec Exposed Passwords, Serials – SQL Injection, Full Database Access A self-proclaimed grey-hat hacker has located a critical SQL injection vulnerability in a website belonging to security giant Symantec. The flaw can be leveraged to extract a wealth of information from the database including customer and admin login credentials, product serial numbers, and possibly credit […]

Continue Reading