Slowloris is an HTTP Denial of Service (DoS) attack that affects threaded servers. It works by opening many HTTP connections to the target server and sending partial requests periodically to keep the connections open. This prevents the server from handling legitimate connections, effectively causing a DoS.
CMSeeK is a powerful tool designed to detect and exploit vulnerabilities in a wide range of Content Management Systems (CMS). It supports scanning for over 180 different CMSs, making it an essential tool for web security professionals.
The AUXILE Framework is a powerful tool designed to enhance the security of your website by identifying potential vulnerabilities. This versatile framework can be used to search for admin panels, upload panels, and perform SQL injection attacks using dorks. It also offers functionalities for information gathering and more.
XATTACKER is a robust and comprehensive tool designed for scanning and auto-exploiting vulnerabilities in web applications. By providing a target website to the tool, it automatically detects the site's architecture, identifies if it is using a Content Management System (CMS), and attempts to find vulnerabilities based on the detected CMS.
Websploit is a powerful and versatile framework designed for conducting Man-in-the-Middle (MITM) attacks. This high-level framework offers a range of modules and features that facilitate various penetration testing activities. Websploit is especially useful for security researchers, and ethical hackers.
The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aid penetration testing operations.
Wifite was designed for use with pentesting distributions of Linux, such as Kali Linux, Pentoo, BackBox; any Linux distributions with wireless drivers patched for injection. The script appears to also operate with Ubuntu 11/10, Debian 6, and Fedora 16.
sqlscan is a fast and efficient web scanner designed to find SQL injection points. Unlike other tools meant for educational purposes, sqlscan is explicitly for hacking. It works best with sitemaps to yield optimal results and is known for its simplicity, multi-platform compatibility, and speed.
SQLiv is a powerful and efficient SQL injection scanner designed to handle large-scale scanning tasks. It supports multiple domain scanning with SQL injection dorks, targeted scanning, and reverse domain scanning. The script utilizes multiprocessing to ensure fast scanning of numerous URLs.
The Damn Small SQLi Scanner (DSSS) is a powerful and efficient SQL injection vulnerability scanner written in Python 3.x. Despite being under 100 lines of code, DSSS is fully functional and supports both GET and POST parameters. This tool is ideal for penetration testers and security researchers looking for a lightweight and effective SQL injection scanner.