Burp Suite Tutorial – A Web Application Penetration Testing Tool – Beginners Guide

In this Burp Suite Tutorial, we are going to elaborately describe the Burp Suite tool and its features that are bundled in a single suite made for Web Application Security assessment as well as Penetration testing. It’s a java executable and hence it’s cross-platform. Kali Linux comes with Burp Suite free edition installed. There is …

Whatweb – A Scanning Tool to Find Security Vulnerabilities in Web App

Whatweb is the perfect name for this tool. Simply it answers the question, “What is that Website?” Whatweb can identify all sorts of information about a live website, like: Whatweb offers both passive scanning and aggressive testing. Passive scanning just extracts data from HTTP headers simulating a normal visit. Aggressive options get deeper with recursion …

Most Important Security Tips to Protect Your Website From Hackers

Do you think they need your date? Do you think they need access to your credit cards? There is something more valuable for hackers than you think. One of the main targets of modern hackers is to get access to your servers. It allows them to use it as an email relay for spam. But …

Ua-tester – A tool for User Agent WAF, IDS/IPS, Redirection testing

UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop bots etc. Well, this tool also delivers a lot of information. It is basically a python script which runs through various user-agents on a specified site. It also tries various options like setting cookie, redirection, …

Burpsuite – Use Burp Intruder to Bruteforce Forms

Using Burp Intruder to Bruteforce passwords. Burpsuite is a collection of tools and plugins for any web application security testing bundled into a single executable jar file. It contains about 8 useful tools for performing spidering, fuzzing, decoding etc. But the prime feature is that, it is an intercepting proxy which works on application layer. …

SQLMAP – Introduction & Automation of SQLi

Basic Operation of SQLMAP & enumeration of Server through automatic SQL Injection. SQLMAP is a database pentesting tool used to automate SQL Injection. Practically using sqlmap, we can dump a whole database from a vulnerable server. SQLMap is written in python and has got dynamic testing features. It can conduct tests for various database backends very …