Today I am releasing my Simple LAN Scanner 1.0 (08th January 2011). [Download] Description The Simple LAN Scanner is a very simple LAN scanner written in Python. It scans the local network and tries to give you the MAC and IP addresses of the discovered running systems. Furthermore it creates a small log file at [...]

Today I am releasing my Simple Local File Inclusion Vulnerability Scanner 1.0 (29th December 2010). [Download] Description The Simple Local File Inclusion Vulnerability Scanner helps you to find LFI vulnerabilities. Usage ./lfi_scanner.py –url= Usage example ./lfi_scanner.py –url=”http://www.example.com/page.php?file=main” Usage notes – Always use http://…. – This tool does not work with SEO URLs, such as http://www.example.com/news-about-the-internet/. [...]

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:

I just uploaded a new version of the Simple Local File Inclusion Exploiter, version 1.1. It was updated with some new user agents, “interesting files” and now creates a small log file. Just visit the “My Tools” section for the download link.

Today I am releasing my Simple Local File Inclusion Exploiter 1.0 (21th November 2010). [Download] Description The Simple Local File Inclusion Exploiter helps you to exploit LFI vulnerabilities. After you found one, simply pass the URL of the affected website and the vulnerable parameter to this tool. You can also use this tool to scan [...]

I am currently working on a very exciting tool which is related to local file inclusion vulnerabilities. Basically it is some kind of automated LFI exploiter with many features, such as a LFI scanner and – as I call it – an “interesting file dumper”. Currently, the tool is still beta (version 0.8). I guess [...]

Today I am releasing version 0.5 of my Simple SQL Injection Vulnerability Scanner. [Download here] It contains all the features from the first released version 0.3 and now contains – in addition – a column fuzzer. Simply start a scan by using python sqli_scanner.py -u “target” and then start fuzzing by using the parameter -fuzz [...]

Today I am releasing my Simple Log File Analyzer 1.0. [Download here] Description The Simple Log File Analyzer helps you to detect possible hack attempts within the log files of your webserver. Features – Error handling – Scan a log file for four different attack types – Display a short scan report – Write scan [...]

Today I am releasing my Simple SQL Injection Vulnerability Scanner (version 0.3, not 1.0 since it contains not many features). [Download here] Description The Simple SQL Injection Vulnerability Scanner helps you to find SQL injection vulnerabilities within your website. Simply provide an URL and let the tool do all the work. Features – Scan a [...]

Edit 23th May: Version 1.1 released. Today I released the Full Automated Column Finder for SQL Injection (Python script). It is a column fuzzer which helps you saving time. [Download here] Description The Full Automated Column Finder helps you to determine the correct amount of columns of the current SQL query. It is useful for [...]