Web Application Exploiter (WAppEx)

Posted: November 6, 2012 in Uncategorized

WAppEx is an integrated platform
for performing penetration testing
and exploiting of web applications
on Windows or Linux. It can
automatically check for all type of
security vulnerabilities in the
given target and then let you to
run various payloads to exploit
and take advantages of the
vulnerability.
WAppEx is a multi platform
application and it is executable in
Linux and Windows.
WAppEx’s database which
includes hundreds of exploits
provides an automated,
comprehensive and reliable exploit
for penetration testers and security
professionals worldwide.
Regular database update is
available. Top priorities are high-
risk and zero-day vulnerabilities.
Payloads for using in exploits are
reliable payloads which contains
connect-back, listener shell,
arbitrary code execution, arbitrary
file upload,…
WAppEx’s script based engin let
experienced users write their own
scripts and payloads to test and
exploit any vulnerability in web
applications.
Software and vulnerability updates
are available at any time and a
daily support is available via
phone or email.
WAppEx can exploit the
following web application
vulnerabilities:
SQL Injection (support Havij
1.16) :
The most dangerous vulnerability
in web applications. WAppEx
uses Havij – Advanced SQL
Injection Tool engine to find and
exploit this vulnerability.
Remote File Inclusion:
It allows an attacker to include a
remote file. WAppEx can check
for this vulnerability and run
various payloads to execute
commands on web server.
Local File Inclusion:
It allows an attacker to include a
local file. Just like RFI
WAppEx tests and exploits this
vulnerability.
OS Commanding:
It let the attacker to execute OS
commands on server. WAppEx
tests and exploits this
vulnerability to execute custom
commands to get a reverse shell.
Script injection:
It can be used by an attacker to
introduce (or “inject”) script into a
web application. WAppEx
automatically tests and exploit
this vulnerability to escalate
access to web server and get a
reverse shell.
Local File Disclosure:
as the name says it disclosure
content of local files on the web
server. WAppEx can exploit this
vulnerability to read sensitive files
on the server.
WAppEx contains the following
tools to help you in penetration
testing and exploiting web apps.
Online Hash Cracker: A tool for
cracking hashes using the reverse
lookup in online sites.
Encoder/Decoder: An encoder/
decoder with a complete encryption
algorithms.
Find Login Page: It looks for
login pages on a target.
Browser: A small browser you can
use to view source code and
HTTP headers.
WAppEx is so easy to use and
also so flexible. It doesn’t matter
you’re a beginner or a professional,
using WAppEx makes your works
easier, faster and more effective.
Download : WAppEx
Register : free trial licence key
(read carefully)
http://www.itsecteam.com/products/web-application-exploiter-wappex/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s