A perl based tool for misconfiguration, version detection, enumeration, and server information scanning. Web-Sorrow is a “safe to run” program. meaning it is not designed attempt to exploit or preform any kind of injection,...
Enema – tool for SQL injection
Enema is not autohacking software. This is dynamic tool for people, who knows what to do. Not supported old database versions (e. g. mysql 4.x). Development targeted to modern versions. Features: Multi-platform. User-friendly graphical...
XCat – exploitation of XPath injection vulnerabilities
XCat is a command line program that aides in the exploitation of XPath injection vulnerabilities. It boasts a wide range of features and can utilize the more advanced features of the XPath 2.0 specification...
Apache Tomcat Remote Exploit (PUT request) and Account Scanner
The modified pnscan scanner utility scans a range of IPs to find open apache tomcat servers by trying the following login access combinations: tomcat:tomcat password:password admin:admin admin:password admin:<nopass> tomcat:<nopass> The included perl script can...
httpry packet sniffer
httpry is packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but to capture, parse, and log the traffic for later analysis. It can be run...