Select a tag to browse associated projects and drill deeper into the tag cloud.
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security ... [More]
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in ... [More]
Ronin is a Ruby platform for exploit development and security research. Ronin allows for the rapid development and distribution of code, exploits or payloads over many common Source-Code-Management (SCM) systems.
Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability.
SecureImage is a image validator that can be used for validating image files on upload systems (such as photo galleries,forums,etc ..) against the threads for XSS issues with IE and LFI attacks. For Internet Explorer; you can succesfully launch XSS attacks with malformed image files because of ... [More]
It's a small library project for security of image handling on web applications such as photo galleries, forums, upload systems etc. The project links of PHP, JAVA and .NET implementations of secureimage library can be reached from this project site. JAVA SecureImage .NET SecureImage PHP SecureImage
Local File Inclusion Scanner by cAs-> Searchstring One: $page = $_GET[page]; -> Searchstring Two: include($page); Created September 2k8 Changelog: Beta 1: Searching for: $_GET[var] include($var) Beta 2: Searching for: $var
fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It's currently under heavy development but it's usable. ... [More]
iScan is a open source Java (therefore portable) web vulnerability scanner, intended to be a valid counterpart of its proprietary competitors .