hasherbasher This is a tool used to help exploit poorly designed authentication systems by locating ASCII strings that when MD5 hashed, result in raw bytes that could change SQL logic. How It Works When constructing SQL queries for authentication, if a prepared statement is not used – a user can Read more…
Hacking a Website I will explain all the methods used to hack a website or website’s database. This is the first part of the hacking websites tutorial, where I will briefly explain all the methods used for hacking or defacing websites. Today, I will give you the overview, and in Read more…
Pybelt – The Hackers Tool Belt Pybelt is an open source hackers tool belt complete with: A port scanner SQL injection scanner Dork checker Hash cracker Hash type verification tool Proxy finding tool XSS scanner It is capable of cracking hashes without prior knowledge of the algorithm, scanning ports on Read more…
Nowadays, websites are necessary for most of the businesses and especially in e-commerce. Every attacker knows that your site holds customers data. You’ve worked hard on your site (and your brand) – so take some time to secure it. You should do the following steps to ensure your website is Read more…
Exploit SQL Injection Using Sqlmap SQL injection : it is an attack that exploits non-parametrized SQL queries in a database , so that the attacker can insert their own queries. Sqlmap : This is a very powerful penetration test tool (open source) , it automates the discovery and exploitation of Read more…
Hacking website using SQL Injection Before leaning how to exploit website with SQL Injection, let’s first to try learn the core methodologies and the abstraction behind the scenes. What is SQL Injection? SQL Injection is a malicious attack where malicious users can inject SQL commands (commonly referred to as malicious Read more…
Analyse SQL injection attempts in web server logs reversemap Analyse SQL injection attempts in web server logs The program can either be run in batch mode or interactive mode. In batch mode the program will accept Apache web server logs and will deobfuscate requested URLs from the logs. In Read more…
Find SQL Injection What is python_gdork_sqli? python_gdork_sqli is a python script is developed to show, how many vulnerables websites, which are laying around on the web. The main focus of the script is to generate a list of vuln urls. Please use the script with causing and alert the webadmins Read more…
What is SQL Injection? SQL injection (SQLi) is an application security weakness that allows attackers to control an application’s database – letting them access or delete data, change an application’s data-driven behavior, and do other undesirable things – by tricking the application into sending unexpected SQL commands. SQL injection weaknesses Read more…