OWASP Zed Attack Proxy (ZAP) Read

Introduction The OWASP Zed Attack Proxy (popularly known as ZAP) is an integrated penetration testing tool for finding vulnerabilities in web applications. OWASP ZAP is a fork of version 3.2.13 of the open source variant of Paros Proxy. Paros was a HTTP/HTTPS …

Cracking WPA/WPA2 for Non-Dictionary Passphrase Read

WPA/WPA2 password can be cracked simply by capturing WPA handshake and then apply dictionary. And if passphrase is in dictionary then password will be cracked. But what if password is not in dictionary? Are there other ways to crack the non-dictionary passphrases? …

Tamper Data Read

Tamper Data

What is Tamper Data? Tamper data, an add-on (extension) for Mozilla Firefox, is a fast, simple yet effective tool which can used to do penetration testing. Tamper Data basically gives us the power to view, record and even modify outgoing HTTP requests. …

Scapy Primer Read

Scapy Primer

Overview Scapy is a wonderful packet crafting tool written by Philippe Biondi. Below is an excerpt from the Scapy documentation neatly describing Scapy. “Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide …

Sysinternals Suite Read

Sysinternals Suite

Sysinternals utilities are one of the best friends of administrator.Sysinternals was original created back in 1996 by Mark Russinovich and Bryce Cogswell and was bought by Microsoft in 2006. Since then the company has continued to release new tools and improve the …

Who wants to be a Millionaire Read

Everyone wants to be Millionaire and this article is just going to tell you how you can become one. The Web 2.0 has opened lots of opportunities and possibilities along with lots of security issues. One of the popular technology is “Flash” …

Cain and Abel: The Black Art of ARP Poisoning Read

Overview Cain and Abel is windows based password recovery tool available as a freeware and maintained by Massimiliano Montoro. It supports wide features to recover passwords varying from Local Area Network to various routing protocols as well as provides intelligent capability to …

Echo Mirage Read

Echo Mirage

In the past few years, Web applica-tion security has really got some good atten-tion. Because of this attention, we have so many proxy tools (Burp/Fiddler/Paros) rea-dily available, are making our lives easy at each step of penetration testing.  These tools are helpful …