Zer0Byte

Geekiest Techno News

WPScan: A WordPress Vulnerability Scanner

Note for l33ts:- WordPress ur goin down baby :p Introduction WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach. Download Please download the latest WPScan from  Subversion (SVN) code repository by issuing the following command: svn checkout http://wpscan.googlecode.com/svn/trunk/ ./wpscan Details Username enumeration (from author querystring and location header) Weak  [ Read More ]

This time geek more improvements on the site cloner has been done along with java Repeater being fixed. check out the complete v2.5  Changelog below: ~~~~~~~~~~~~~~~~ version 2.5 ~~~~~~~~~~~~~~~~ rehaul of site cloner, it now injects into body properly and leverages unc, redirection, and others properly redid a few options on repeater.database, unc.database to make  [ Read More ]

XSSer: Cross Site “Scripter”

look g33ks let me just give u a very quick overview about this tool. THis is THE sHIt !!! What is XSSer ? Cross Site “Scripter” is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. It contains several options to try to bypass certain filters, and various special techniques of  [ Read More ]

Shodan:Cheat Sheet by XSS Root

Read about Shodan last week..so now this week,its about shodan cheat sheet http://zer0byte.com/2011/11/18/shodan-expose-online-devices/ Shodan makes so easy to find any device which is in the internet.Down below are few cheats in shodan based on devices. If you want to check a particular  service in a particular target then it would be like Usage:service name host  [ Read More ]

W3AF: Web Application Attack and Audit Framework.

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. To read our short and long term objectives w3af provides plugin writers with this features: urllib2 wrapper In order to send requests to the  [ Read More ]

PHP Vulnerability Hunter

What is PHP Vulnerability Hunter? This is the application that detected almost all of the web application vulnerabilities listed on the advisories page. PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool capable of triggering a wide range of exploitable faults in PHP web applications. Minimal configuration is necessary to begin a scan;  [ Read More ]

The Suricata Engine: IDPE

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. OISF is part of and funded by the Department of Homeland Security’s Directorate for Science and  [ Read More ]

Maltego Case File Beta Release Download Now!!!

According to developers blog of  Maltego, the team is has  released a new version’s Beta  by name of “CASE FILE”. This version of Maltego will be specifically more focused on Intelligence Analysts that work with internal (or self created) data. Maltego is an open source intelligence and forensics application. It will offer you timous mining  [ Read More ]

SHODAN: Expose Online Devices

Bing is for noobs, Google is for people who know at least lil bit of computers :p but shodan my g33k fellows is made solely for us. This is basically a search engine that actually look for things that are open to us by noob admins. So what is SHODAN ? SHODAN is a search  [ Read More ]

Smashthestack.org: L33t Wargaming Network

Before i start praising this l33t h@X0r website, I would personally like you to read the famous quote taken from non other than the movie Matrix. Morpheus: This is your last chance. After this, there is no turning back. You take the blue pill – the story ends, you wake up in your bed and  [ Read More ]