Main Page

Get involved by signing up for and contributing to this wiki, joining IRC or subscribing to /r/blackhat!
Brought to you by Blackhat Academy

Featured Article

Shellcode Appendix

The Shellcode Appendix is a collection of shellcodes and documentation developed by our staff. The included shellcode is flexible, can bypass firewalls, automated detection, and demonstrate advanced shellcoding techniques.

Learn more - Shellcode Appendix

Featured Tool

MySQLi-BlindUtils

MySQLi-BlindUtils is a collection of blind SQL injection utilities for MySQL that demonstrate a variety of techniques. It contains sqli-hap.py, which demonstrates our new comparative precomputation technique; sqli-slee.py, a time-based injection tool; and sqli-p.pl, for boolean enumeration.

Learn more - MySQLi-BlindUtils

Articles

Exploitation:

Stack overflows • SQL injection • XSS • Cookies • File inclusion • Command injection • XSCF • Coldfusion hacking • Web exploitation

Programming:

Ascii shellcode • C • C++ • Perl • Python • LUA • Polymorphic • The bash book • SQL Backdoors

(All Pages)

Tools
Vanguard	web application vulnerability testing engine written in perl with LibWhisker2 support	Jynx2	Version 2.0 of the classic LD_Preload userland rootkit written in C
Bleeding Life	PHP and MySQL based browser buffer overflow exploit pack	Kolkata	Configurable perl scanner that analyzes checksums to perform fingerprinting on web applications with static file analysis
GScrape	Google scraper written perl for rapidly identifying vulnerable websites and generating statistics	Lfi_autopwn.pl	Given a file inclusion vulnerability, this Perl script will spawn a shell
Mysql5 enumerator	Automatically map contents or query a remote database given a URL vulnerable to SQL injection with this perl script	Social Network Redirection Utility	Rickroll your friends with content-forged image redirects

Main Page

Navigation menu

Views

Personal tools

Wiki

Community

Search

Tools