Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests. This framework is written by Nikhil Mittal who is also author...

The Browser Exploitation Framework (BeEF) is a penetration testing tool written in Ruby and designed to both showcase browser weaknesses as well as perform attacks both on and through the web browser. BeEF consists of a server application that manages the connected clients, known as “zombies”, and JavaScript “hooks” which...

In this brief post, we are listing a few popular and interesting Firefox add-ons that are useful for penetration testers. These add-ons vary from information gathering tools to attacking tools. If you are using BACKTRACK than use OWASP Mantra which has lots of useful Add-ons.(1)FirebugFirebug is a nice add-on that integrates...

Backtrack has lots of tools for web-application testing. Directory traversal is one of the critical vulnerability in web-application. Previously i post about what is directory traversal & how to bypass its filter , but that process is manual, it can consume lots of time.But in bactrack automatic tools are available...

Cisco Global Exploiter (CGE), is an advanced, simple and fast security testing tool/ exploit engine, that is able to exploit 14 vulnerabilities in disparate Cisco switches and routers.  CGE is command-line driven perl script which has a simple and easy to use front-end.Vulnerabilities...