Projects
WordPress Securify Plugin
WordPress Securify (WPSec) is a security plugin for WordPress. Every hour the tests specified within WPSec will be executed. A count of “warnings” is displayed in the top right of the WordPress Admin panel.
WordPress Securify ShellScript
This project has been split into two parts. The first was a chunky shell script that uses a security-through-obscurity approach. The second project is the WordPress Securify plugin; this plugin is closer to a WordPress Security Audit tool. I have completed version 1.0 but am still sorting out some bugs - let me know if you want to give it a try.
HTTP Proxy Scanner
Simple HTTP proxy scanner to check for “usable” proxies. Written in C; requires libcurl.
Web Backdoor Compilation
A collection of web backdoors.
SQL Injection Cheat Sheet
Currently supports generic authentication bypass vulnerabilities, MS-SQL, MySQL, Oracle, Postgres and Sybase.
JavaScript Network Mapper (v1.0)
A JavaScript Network Mapper which supports WebPing, WebScript and WebImage scanning techniques.
JavaScript WebPing
Uses iframes to ping networks.
ASP Auditor
This tool is based on H D Moore’s Dot Net Application Scanner.
Awakening the Sleeping Giant
This paper is an initial attempt to categorise and track XSS in general. Haven’t done much work on this.