Projects of Michael Daw.

WordPress Securify Plugin

WordPress Securify (WPSec) is a security plugin for WordPress. Every hour the tests specified within WPSec will be executed. A count of “warnings” is displayed in the top right of the WordPress Admin panel.

WordPress Securify ShellScript

This project has been split into two parts. The first was a chunky shell script that uses security through obscurity approach. The second project is the WordPress Securify plugin; this plugin is closer to a WordPress Security Audit tool. I have completed version 1.0 but am still sorting out some bugs – let me know if you want to give it a try.

HTTP Proxy Scanner

Simple HTTP proxy scanner to check for “usable” proxies. Written in C; requires libcurl.

Web Backdoor Compilation

A collection of web backdoors.

SQL Injection Cheat Sheet

Currently supports generic authentication bypass Vulnerabilities, MS-SQL, MySQL, Oracle, Postgress and Sybase.

JavaScript Network Mapper (v1.0)

A JavaScript Network Mapper which supports, WebPing, WebScript and WebImage scanning techniques.

JavaScript WebPing

Uses iframes to ping networks.

ASP Auditor

This tool is based on H D Moore’s Dot Net Application Scanner.

Awakening the Sleeping Giant

This paper is an initial attempt to categorise and track XSS in general. Haven’t dont much work on this.