injection – PentestTools

Fawkes - Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)

Fawkes – Search For Targets Vulnerable To SQL Injection

December 23, 2020

[sc name=”ad_1″] Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine. Options...

N1QLMap - The Tool Exfiltrates Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities

Exploitation Tools

N1QLMap – Exfiltrate Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities

November 30, 2020

Add Comment

[sc name=”ad_1″] N1QLMap is an N1QL exploitation tool. Currently works with Couchbase database. The tool supports data extraction and performing...

Garud - An Automation Tool That Scans Sub-Domains, Sub-Domain Takeover And Then Filters Out XSS, SSTI, SSRF And More Injection Point Parameters

Web Application Security

Garud – Scan Sub-Domains, Sub-Domain Takeover with XSS, SSTI, SSRF

November 19, 2020

Add Comment

[sc name=”ad_1″] An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point...

Exploitation Tools

NoSQLi – NoSql Injection CLI Tool

October 27, 2020

Add Comment

[sc name=”ad_1″] NoSQL scanner and injector. About Nosqli I wanted a better nosql injection tool that was simple to use, fully command line based...

SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool

Exploitation Tools

SQLMap- Automatic SQL Injection And Database Takeover Tool

September 11, 2020

Add Comment

[sc name=”ad_1″] SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and...

Web Application Security

Scant3R – Web Security Scanner

July 8, 2020

Add Comment

[sc name=”ad_1″] ScanT3r – Web Security Scanner _____ ___________ / ___/_________ _____/_ __/__ /_____ __ / ___/ __ `/ __ / / /_ </ ___/...

Exploitation Tools

Server Side Template Injection Payloads

July 6, 2020

Add Comment

[sc name=”ad_1″] Server-side template injection is when an attacker is able to use native template syntax to inject a malicious payload into a...

Exploitation Tools

IIS-Raid – A Native Backdoor Module For Microsoft IIS

July 2, 2020

Add Comment

[sc name=”ad_1″] IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the web server and carry out custom actions...

Exploitation Tools

SQLMap v1.3.10 – Automatic SQL Injection And Database Takeover Tool

October 5, 2019

Add Comment

[sc name=”ad_1″] SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and...

Exploitation Tools

Pixload – Image Payload Creating/Injecting Tools

September 20, 2019

1 Comment

[sc name=”ad_1″] Set of tools for creating/injecting payload into images. Useful references for better understanding of pixload and its use-cases:...

Tag - injection

Fawkes – Search For Targets Vulnerable To SQL Injection

N1QLMap – Exfiltrate Data From Couchbase Database By Exploiting N1QL Injection Vulnerabilities

Garud – Scan Sub-Domains, Sub-Domain Takeover with XSS, SSTI, SSRF

NoSQLi – NoSql Injection CLI Tool

SQLMap- Automatic SQL Injection And Database Takeover Tool

Scant3R – Web Security Scanner

Server Side Template Injection Payloads

IIS-Raid – A Native Backdoor Module For Microsoft IIS

SQLMap v1.3.10 – Automatic SQL Injection And Database Takeover Tool

Pixload – Image Payload Creating/Injecting Tools

Topics