Penetration Testing
WebSurgery v1.1 released (Web application security testing suite) Nov 11 2013 09:48PM
John Stamatakis (john stamatakis sunrisetech gr)
Overview
========
Sunrise is proudly announces WebSurgery v1.1!

WebSurgery is a suite of tools for security testing of web applications. It
is designed to address the ongoing needs of security auditors so to
facilitate them with web application planning and exploitation. Suite
currently contains a spectrum of efficient, fast and stable web tools
(Crawler, Bruteforcer, Fuzzer, Proxy, Editor) and some extra functionality
tools (Scripting Filters, List Generator, External Proxy).

Tools
====
- Crawler
                Crawler is designed to be fast, accurate, stable and
completely parameterized using advanced techniques to extract links from
HTML, CSS, Javascript and AJAX.
- Bruteforcer
                Bruteforcer for files and directories within the web
application which helps to identify the hidden structure.
- Fuzzer
                Fuzzer is a highly advanced tool to create a number of
requests based on one initial request. Can be used to exploit (Blind) SQL
Injections, Cross Site Scripting (XSS), Denial of Service (DOS), Bruteforce
for Username / Password Authentication Login Forms and identification of
Improper Input Handling and Firewall / Filtering Rules.
- Proxy
                Proxy is a server running locally and will allow you to
analyze, intercept and manipulate HTTP/HTTPS requests coming from your
browser or other application which support proxies.
- Editor
                Advanced ASCII/HEX Editor to manipulate individual requests.

Extra
====
- Scripting Filters
                Advanced Scripting Filters to filter specific requests /
responses with support of regular expressions and large number of variables.
- List Generator
                List Generator for different list types (File, Charset,
Numbers, Dates, IP Addresses, Custom) with additional rules support.
- External Proxy
                External Proxy redirects suite's traffic to another
HTTP/SOCKS proxy.
               
Download & Documentation
======================
http://sunrisetech.gr/?page=websurgery&tab=download

Best regards,
John Stamatakis
Sunrise Technologies

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus