Saturday, May 21, 2016

WAppEx : Web Appliion er

WAppEx is an integrated platform for performing penetration testing and ing of web appliions on or Linux. It can automatically check for all type of security vulnerabilities in the given target and then let you to run various payloads to and take advantages of the vulnerability.
WAppEx is a multi platform appliion and it is executable in Linux and .

WAppEx's database which includes hundreds of s provides an automated, comprehensive and reliable for penetration testers and security professionals worldwide.
Regular database update is available. Top priorities are high-risk and zero-day vulnerabilities.

Payloads for using in s are reliable payloads which contains connect-back, listener shell, arbitrary execution, arbitrary file upload,...

WAppEx's script based engin let experienced users write their own scripts and payloads to test and any vulnerability in web appliions.

Software and vulnerability updates are available at any time and a daily support is available via phone or email.

WAppEx can the following web appliion vulnerabilities:

SQL Injection:
The most dangerous vulnerability in web appliions. WAppEx uses Havij - Advanced SQL Injection Tool engine to find and this vulnerability.

Remote File Inclusion:
It allows an attacker to include a remote file. WAppEx can check for this vulnerability and run various payloads to execute commands on web server.

Local File Inclusion:
It allows an attacker to include a local file. Just like RFI WAppEx tests and s this vulnerability.

OS Commanding:
It let the attacker to execute OS commands on server. WAppEx tests and s this vulnerability to execute custom commands to get a reverse shell.

Script injection:
It can be used by an attacker to introduce (or "inject") script into a web appliion. WAppEx automatically tests and this vulnerability to escalate access to web server and get a reverse shell.

Local File Disclosure:
as the name says it disclosure content of local files on the web server. WAppEx can this vulnerability to rd sensitive files on the server.

WAppEx contains the following tools to help you in penetration testing and ing web apps.
Online Hash : A tool for hashes using the reverse lookup in online sites.Enr/Der: An enr/der with a complete encryption aorithms.Find Login Page: It looks for login pages on a target.Browser: A small browser you can use to view source and HTTP hders.WAppEx is so sy to use and also so flexible. It doesn't matter you're a beginner or a professional, using WAppEx makes your works sier, faster and more effective.


No comments:

Post a Comment