PHP Vulnerability Hunter


PHP Vulnerability Hunter is a whitebox fuzz testing tool capable of detecting several classes of vulnerabilities in PHP web applications.

http://phpvulnhunter.codeplex.com/





Related Projects

GameOver


Training and education about web security

LFI (Library-level Fault Injector)


Easy-to-use fault injection tool for testing robustness of software to faults that originate in shared libraries and the layers below. LFI minimizes human effort involved in testing and does not require access to the target program's source code.

unicorn



syntribos - Python API security testing tool from OpenStack Security Group


Syntribos is an open source automated API security testing tool that is maintained by members of the OpenStack Security Project. Given a simple configuration file and an example HTTP request, syntribos can replace any API URL, URL parameter, HTTP header and request body field with a given set of strings. Syntribos iterates through each position in the request automatically. Syntribos aims to automatically detect common security defects such as SQL injection, LDAP injection, buffer overflow, etc. In addition, syntribos can be used to help identify new security defects by automated fuzzing.

oss-fuzz - OSS-Fuzz - continuous fuzzing of open source software


Status: Beta. We are now accepting applications from widely-used open source projects. Create New Issue for questions or feedback about OSS-Fuzz.

OWASP Joomla Vulnerability Scanner Project


Detects file inclusion, SQL injection, and command execution vulnerabilities of a target Joomla! web site. A regularly-updated signature-based scanner that can detect file inclusion, SQL injection, command execution, XSS, DOS, and directory traversal vulnerabilities of a target Joomla! web site. It searches for known vulnerabilities of Joomla! and its components, performs web application firewall detection, and a lot more.

antiparser


antiparser is an API/framework for generating random, malformed data for use in fuzzing and fault injection of network protocols and file formats. antiparser is written in Python and can be imported by scripts that implement additional fuzzing logic.

MVVM-WPF(+Silverlight 5.0) XAML Markup Dependency Injection Binding Extensions


XAML mark-up extensions for the MVVM pattern. Mark-up extensions allow binding RouteEventHandler, Command and others to targets via Dependency Injection.

hackxor


A webapp hacking game, where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism & difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.

ShelLOL - A configurable OS shell command injection vulnerability testbed


A configurable OS shell command injection vulnerability testbed

command_injection - A Sample Ruby on Rails App with Command Injection Vulnerabilities


A Sample Ruby on Rails App with Command Injection Vulnerabilities

Mole


Mole is an automatic SQL Injection exploitation tool. Given only a vulnerable URL and a valid string on the site, it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to easily indicate the action he wants to perform. The CLI also provides auto-completion on both commands and command arguments, making the user type as little as possible.

Mugen Injection


A lightweight and fast managed IoC (Inversion of Control) and DI (Dependency Injection) with support for constructor, property, field, and method call injection

HK2 - A light-weight and dynamic dependency injection framework


HK2 is a light-weight and dynamic dependency injection framework. HK2 is an implementation of JSR-330 in a JavaSE environment. JSR-330 defines services and injection points that can be dynamically discovered at runtime and which allow for Inversion of Control (IoC) and dependency injection (DI).

jsql-injection - jSQL Injection is a Java GUI for database injection.


jSQL Injection is a Java GUI for database injection.

grafter - Grafter is a library to configure and wire Scala applications


There are many libraries or approaches for doing dependency injection in Scala. Grafter goes back to the fundamentals of dependency injection by just using constructor injection: no reflection, no xml, no implementation inheritance or self-types. Please read our contributor guidelines for more details. And please check these open issues for specific tasks.

Anise


Anise is a dependency injection framework specifically written to make the developer's job as easy as possible. You don't have to develop your code specifically for the framework, and it provides all the features you'd expect along with a simple and flexible configuration language.

cit - Natural testing with code injection. CIT - Code Injection Testing.


Natural testing with code injection. CIT - Code Injection Testing.

bayberry - Complement test frameworks with dependency injection, data injection and test helpers


Complement test frameworks with dependency injection, data injection and test helpers

Poly - Creates wrappers for dagger2 components that simulate polymorphic injection


Poly is a small annotation processor that adds 'polymorphic injection' to Dagger 2. It lets developers write only one injection site in a base class instead of multiple injection sites, one for each subclass. This is particularly handy for Android setups where all activities extend one common base activity.