Updated 1337.yehg.net
Updated with new cool online tools
https://1337.yehg.net/
https://1337.yehg.net/
Web Security Testing Toolbox
A toolbox with a set of useful tools and links.
Tools:
Tools:
- Reverse Tab Jacker (window.opener)
- WebGun, XSS Payload Creator
- Referer Check Bypasser
- Flash-based XSSer
- PHP Charset Encoder
- CAL9000 Encoder
- utf8.jp's JS Encoders
- Hacker Web Search Aggregator
- Referer XSS PoC (IE only)
- XSS POST Forwarder (Usage: http://whiteacid.org/misc/xss_post_forwarder.php?xss_target=URL&vuln_param=
- CSRF POST Redirector (usage: http://shiflett.org/csrf.php?csrf=URL¶m1=value1&..)
- JSBin - Test and share XSS Payload proof
- JSFiddle - Test and share XSS Payload proof
- Real-time HTML Editor
- Real-time HTML Editor - Mirror
- Gareth Heyes's masterpieces for web hackers
- Google Chrome Browser Addons for Web App Hackers
- Firefox Browser Addons Revisited for Web App Hackers
Tests:
- Cross Site Framing
- Cross Site Request Forgery
- Two-Stage CSRF Prompt Bypass Generator (GET-based)
- Two-Stage CSRF Token Bypass Generator (GET-based)
- Cross Site Framing Exploit Generator (Samy's QuickJack)
- SHAZZER - Shared online fuzzing
References:
- Pentest Wordlists
- Script Mapping Reference
- Browser Security Handbook
- HTML5 Security Cheatsheet
- Security Assessment Report Generators
Misc:
- Ad-free version of whatismyip.com - Quick check on your IP/Proxy information
- Hacked-Test Image - https://1337.yehg.net/poc/beenhacked.jpg
