12 matches found
Multi-Agent Honeypot-Based Request-Response Context Dataset for Improved SQL Injection Detection Performance
SQL injection remains a major threat to web applications, as existing defenses often fail against obfuscation and evolving attacks because of neglecting the request-response context. This paper presents a context-enriched SQL injection detection framework, focusing on constructing a high-quality...
Vitess allows HTML injection in /debug/querylogz & /debug/env
Summary The /debug/querylogz and /debug/env pages for vtgate and vttablet do not properly escape user input. The result is that queries executed by Vitess can write HTML into the monitoring page at will. Details These pages are rendered using text/template instead of rendering with a proper HTML...
Nethive-Project - Restructured And Collaborated SIEM And CVSS Infrastructure
The Nethive Project provides a Security Information and Event Management SIEM insfrastructure empowered by CVSS automatic measurements. Features Machine Learning powered SQL Injection Detection Server-side XSS Detection based on Chrome's XSS Auditor Post-exploitation Detection powered by Auditbea...
Vxscan
This is a Python script for a comprehensive vulnerability scanner, Vxscan. The script is designed to perform various types of scans, including: 1. Directory scanning and JavaScript leak detection 2. WAF/CDN identification 3. Port scanning 4. Fingerprinting and service identification 5. Operating...
Leviathan - Wide Range Mass Audit Toolkit
Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. The main goal of this...
Piwigo 2.7.2 - Multiple Vulnerabilities
Piwigo 2.7.2 - Multiple Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Piwigo 2.7.2 - SQL Injection / Cross Site Scripting Vulnerability's Date: 19/12/2014 Url Vendor:...
[ParameterFuzz v1.8] Parameter´s auditor for web applications
ParameterFuzz is a tool to check the level of fortification in web applications, try to cover the field more exploited by hackers, as the majority of known attacks are based on exploiting poorly filtered parameters. Just as SQL injection, Cross Site Scripting or RFI among others. This tool is...
Uniscan 4.0 vulnerability scanner Released
Uniscan 4.0 vulnerability scanner Released The Uniscan vulnerability scanner is aimed at information security, which aims at finding vulnerabilities in Web systems and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 GPL 3. The Uniscan was developed using the Perl programming language to be...
aidSQL: A Tool to Find Vulnerable Spots in Web Sites !
aidSQL is a PHP application provided for detecting security holes in your websites. It is a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. Sample usage of aidsql: ./aidSQL --url=www.sample123.com We find it similar to nikto,...
webcalsys340-sqlxss.txt
000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0 0 0 0 0 0 0 0 0 000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 000 0 0 0...
PHPLinks SQL Injection
Binary data 2350.prm...
Potential SQL Injection Vulnerability Detection
Binary data 2003.prm...