Made a site on localhost'e. Going to spread on the hosting.
How can I check the site for burglary, etc.? Are there any services for this?
Specter
11.8k 18 silver marks 32 bronze marks
oleg_ismaylov oleg_ismaylov
585 8 gold signs 25 silver marks 57 bronze marks
|
1 answer
There is a special framework for this, it is called W3AF . This is a very cool thing for web pentesting. There are a lot of useful features for testing your web applications. In fact, W3AF is a platform that by itself does not have special functions for a tester, but plug-ins can be screwed onto the platform, the number of which has already exceeded 100. Plug-ins for testing are different (by the way, everyone can create plug-ins =)): finding banal holes in SQL queries (SQL-Injection) and critical GET requests before splitting an HTTP request ( HTTP Response Splitting ). So, that the flag in your hands and forward, test application!
AseN AseN
11.6k 10 golden marks 51 silver badge 116 bronze marks
- onefor testing (in no case for hacking other sites) on SQL injection I recommend SQLmap - Specter
- Believe me, the set of plugins for this framework contains things that are worse than sqlmap. The most important thing is that plugins can be combined and “bombed” the site at certain vulnerable points. - AseN
- I just dealt with him, and believe me, his injection capabilities are more than enough, he is cross-platform (written in Python), easy to use and specializes in a narrow field, and as you know, highly specialized things are more effective than universal ones - Specter
|