Questions about this topic? Sign up to ask in the talk tab.

Main Page

From NetSec
Jump to: navigation, search
c3el4.png
Get involved by signing up for and contributing to this wiki, joining IRC or subscribing to /r/blackhat!
Brought to you by Blackhat Academy


Featured Article

Shellcode Appendix

The Shellcode Appendix is a collection of shellcodes and documentation developed by our staff. The included shellcode is flexible, can bypass firewalls, automated detection, and demonstrate advanced shellcoding techniques.

Learn more - Shellcode Appendix
Featured Tool

MySQLi-BlindUtils

MySQLi-BlindUtils is a collection of blind SQL injection utilities for MySQL that demonstrate a variety of techniques. It contains sqli-hap.py, which demonstrates our new comparative precomputation technique; sqli-slee.py, a time-based injection tool; and sqli-p.pl, for boolean enumeration.

Learn more - MySQLi-BlindUtils


Articles

Exploitation:

Stack overflowsSQL injectionXSSCookiesFile inclusionCommand injectionXSCFColdfusion hackingWeb exploitation

Programming:

Ascii shellcodeCC++PerlPythonLUAPolymorphicThe bash bookSQL Backdoors


(All Pages)


Tools
Vanguard web application vulnerability testing engine written in perl with LibWhisker2 support Jynx2 Version 2.0 of the classic LD_Preload userland rootkit written in C
Bleeding Life PHP and MySQL based browser buffer overflow exploit pack Kolkata Configurable perl scanner that analyzes checksums to perform fingerprinting on web applications with static file analysis
GScrape Google scraper written perl for rapidly identifying vulnerable websites and generating statistics Lfi_autopwn.pl Given a file inclusion vulnerability, this Perl script will spawn a shell
Mysql5 enumerator Automatically map contents or query a remote database given a URL vulnerable to SQL injection with this perl script Social Network Redirection Utility Rickroll your friends with content-forged image redirects