PHP Vulnerability Hunter


PHP Vulnerability Hunter is a whitebox fuzz testing tool capable of detecting several classes of vulnerabilities in PHP web applications.




Related Projects

OWASP Joomla Vulnerability Scanner Project

Detects file inclusion, SQL injection, and command execution vulnerabilities of a target Joomla! web site. A regularly updated signature-based scanner that can detect file inclusion, SQL injection, command execution, XSS, DOS, and directory traversal vulnerabilities of a target Joomla! web site. It searches for known vulnerabilities of Joomla! and its components, and offers web application firewall detection and a lot more.


Training and educating about web security

Sqlmap - Automatic SQL injection and database takeover tool

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches ranging from database fingerprinting, through data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

PortAudio - Cross-platform Audio I/O Library

PortAudio is a free, cross-platform, open-source, audio I/O library. It lets you write simple audio programs in 'C' or C++ that will compile and run on many platforms. It provides a very simple API for recording and/or playing sound using a simple callback function or a blocking read/write interface. Example programs are included that play sine waves, process audio input (guitar fuzz), record and playback audio, list available audio devices, etc.


Mole is an automatic SQL injection exploitation tool. Given only a vulnerable URL and a valid string on the site, it can detect the injection and exploit it, using either the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to easily indicate the action he wants to perform. The CLI also provides auto-completion on both commands and command arguments, so the user types as little as possible.

Z Word Tools

Tools to allow Z specifications to be written in Microsoft Word. Includes a Unicode font for Z symbols. Provides: WYSIWYG editing fully integrated into Word; typechecking using fuzz (for Spivey Z) or CZT (for ISO standard Z); indexing and cross-referencing; diagrams of specification structure; conversion from Spivey to Standard Z, also available as a stand-alone program and Java class for non-Windows users. See project website for details.

CakePHP - Rapid Development PHP framework

CakePHP makes building web applications simpler and faster, and requires less code. Its features include database support, application scaffolding, MVC architecture, built-in validation, data sanitization, flexible caching, localization, SQL injection prevention, form tampering protection, authentication and a lot more.


NetHack-de is a translation of NetHack into German.

Wapiti - Web application vulnerability scanner / security auditor

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but scans the web pages of the deployed web app, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. It is able to differentiate punctual and permanent XSS vulnerabilities.


Automatic fuzzing proxy.