injection – Cyber Sec Labs

LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)

Black Hat Sec, May 7, 2021, EXPLOIT-COLLECTOR, Home, Countermeasures, cross, detect, injection, scripting, libinjection, 0

LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks. SQLi and other injection attacks remain the top OWASP and CERT vulnerability. Current detection attempts frequent...

Evasor – A Tool To Be Used In Post Exploitation Phase For Blue And Red Teams To Bypass APPLICATIONCONTROL Policies

Black Hat Sec, May 3, 2021, NEW TOOLS, Post Exploitation, DLL Injection, Red Teams, Penetration Testing Tools, Bypass Applocker Policies, Evasor, Full Automated, exploitation, injection, microsoft, vulnerable, windows, 0

The Evasor is an automated security assessment tool which locates existing executables on the Windows operating system that can be used to bypass any Application Control rules. It is very easy to use, quick, saves time and fully automated which gen...

ClearURLs – An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy

Black Hat Sec, March 30, 2021, NEW TOOLS, Scripts, Chrome Extension, Addon, Addons Mozilla Org, Anti Tracking, Tracking Protection, Webextensions, firefox, history, injection, privacy, python, 0

ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This extension will automatically remove tracking elements from URLs to help protect your privacy when browse through the Intern...

XSS for PDFs – New injection technique offers rich pickings for security researchers

D4RkN, December 10, 2020, NEW TOOLS, injection, offers, researchers, security, technique, pickings, 0

A lack of input sanitization leaves PDF documents ripe for exfiltration

NoSQLi – NoSql Injection CLI Tool

Black Hat Sec, October 23, 2020, NEW TOOLS, Scan, PHP, NodeJS, Git, Command Line, Node, Mongo, Vulnerable Apps, NoSQLi, exploiting, injection, nosql, scanner, testing, vulnerable, 0

NoSQL scanner and injector. About Nosqli I wanted a better nosql injection tool that was simple to use, fully command line based, and configurable. To that end, I began work on nosqli - a simple nosql injection tool written in Go. It aims to be fast...

Scant3R – Web Security Scanner

Black Hat Sec, July 7, 2020, NEW TOOLS, Python3, sql injection, Hacking Tools, web-security, XSS Scanners, Bug Bounty, Web Scanner, Termux, Scant3R, injection, linux, python, scanning, 0

ScanT3r - Web Security Scanner _____ ___________ / ___/_________ _____/_ __/__ /_____ \__ \/ ___/ __ `/ __ \/ /...

IIS-Raid – A Native Backdoor Module For Microsoft IIS (Internet Information Services)

Black Hat Sec, July 1, 2020, NEW TOOLS, IIS-Raid, backdoor, injection, microsoft, passwords, 0

IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the web server and carry out custom actions defined by an attacker.DocumentationWhen installed, IIS-Raid will process every request and method, check if the X-Password head...

Polyshell – A Bash/Batch/PowerShell Polyglot!

Black Hat Sec, February 28, 2020, NEW TOOLS, penetration testing, Shell Script, Batch Script, Polyglot, Polyshell, injection, payload, powershell, windows, 0

PolyShell is a script that's simultaneously valid in Bash, Windows Batch, and PowerShell (i.e. a polyglot).This makes PolyShell a useful template for penetration testing as it can be executed on most systems without the need for target-specific payload...

SysWhispers – AV/EDR Evasion Via Direct System Calls

Black Hat Sec, January 3, 2020, NEW TOOLS, asm, Syscalls, sRDI, UserLAnd, SysWhispers, hooking, injection, kernel, malware, memory, microsoft, python, windows, 0

SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.All core syscalls are supported from Windows XP to 10. Example generated files available in example-output/.IntroductionVarious security products...

SQL Injection Payload List

Black Hat Sec, November 19, 2019, NEW TOOLS, sql injection, SQL Injection Exploitation, Injection Attacks, Injection Payloads, SQL Inject, SQL Injection Attack, SQL Injection Payload List, SQL Injection Payloads, SQL Injections, injection, payload, 0

SQL InjectionIn this section, we'll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection vulnerabilities, and summarize how to prevent SQL injection.What is SQL injection (SQLi)?SQ...

LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)

Evasor – A Tool To Be Used In Post Exploitation Phase For Blue And Red Teams To Bypass APPLICATIONCONTROL Policies

ClearURLs – An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy

XSS for PDFs – New injection technique offers rich pickings for security researchers

NoSQLi – NoSql Injection CLI Tool

Scant3R – Web Security Scanner

IIS-Raid – A Native Backdoor Module For Microsoft IIS (Internet Information Services)

Polyshell – A Bash/Batch/PowerShell Polyglot!

SysWhispers – AV/EDR Evasion Via Direct System Calls

SQL Injection Payload List

LikeBox

Get Membership

Archives

CONTACT US

Tag Archive for: injection

LikeBox

Get Membership

Archives

CONTACT US

Log in with your credentials

Forgot your details?

Create Account