Hacking campaign targets organizations through DNS hijacking attacks

Hacking campaign targets organizations through DNS hijacking attacks

Recently, a new hacking campaign, called "Sea Turtle", was launched, targeting public and private players. The characteristic...
Read More

Is the privacy of the iPhone real?

A unique ID is enabled by default on every iPhone that is available on the market, allowing advertisers to watch ...
Read More

WiFi Finder: Leak over 2 million Wi-Fi network passwords

WiFi Finder, an Android app installed by more than 100.000 users on Google Play, has leaked over ...
Read More

Cryptocurrency: Types of crime and ways of protection

When we talk about cryptocurrency always comes to our minds and crime, especially electronic crime. Cryptos are vulnerable ...
Read More
infosec tweaks

5 key steps for greater security of a data center

Data Center: We all know so far that Cloud technology has changed our lives. The cloud is here for ...
Read More
Latest Posts

Web Application Exploiter (WAppEx)

WAppEx is an integrated platform for performing "penetration testing" and exploiting network applications in Windows ή Linux. It has the ability to automatically check for all types of security vulnerabilities in its "target", and then enables to perform malicious code for further exploitation.

WAppEx can be run on Linux and Windows.

The WAppEx's database, which includes <...>

hundreds of "exploits" provide an automated, comprehensive and reliable solution for detecting and exploiting vulnerabilities from security professionals around the world. His almost daily updates contain all the new high-risk vulnerabilities even 0day, which is not repaired by the companies.

The payloads used by the WAppEx tests have features like connect-back, listener shell, arbitrary code execution, arbitrary file upload, and so on.

Its flexible mechanism enables experienced users to write their own "scripts" and "payloads" to test how vulnerable their applications are.

WAppEx can exploit the following vulnerability categories:

SQL Injection, Remote File Inclusion, Local File Inclusion, OS Commanding, Script injection, and Local File Disclosure.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *