(http://i.gyazo.com/6c551df6118790c66065984f71c3dd94.png)
WAppEx es una aplicación diseñada para profesionales en el testing que realiza diversos tipos de pruebas, busca exploits en bases de datos, genera reportes etc.
Updates in 2.0
Auto-detect feature deleted from exploits
Browser tool deleted
Exploits and payloads view changed
Exploit Database with the following features added:
New script syntax and structure
Searching, selecting, and executing of exploits.
Add/remove database entries (exploits or payloads)
Add exploits or payloads to the database using either the Exploit Wizard or the script file
Batch testing of multiple targets against multiple exploits
Execute multiple instances of one or more payloads (for every running exploit) simultaneously.
Following tools added:
Manual Request
Dork Finder
Exploit Editor
Hidden File Checker
Neighbor Site Finder
Local File Inclusion analyzer script updated
24 new payloads for LFI, RFI, and PHP Code Execution vulnerabilities added:
Directory Explorer
CodeExec Bind
3 connect-back shells
Code Execution
MySQL Dump
ServerInfo
4 command execution payloads
Bug-fixes:
Find Login Page crashed on start
Problem with software registration
Stop button did not work when retrieving data from SQL server
Problem with saving SQL results
Crashed when closing Find Login Page
Status icons were not displayed properly in exploit tabs
The full list features is as below:
An exploit database covering a wide range of vulnerabilities.
A set of tools useful for penetration testing:
Manual Request
Dork Finder
Exploit Editor
Hidden File Checker
Neighbor Site Finder
Find Login Page
Online Hash Cracker
Encoder/Decoder
Execute multiple instances of one or more exploits simultaneously.
Execute multiple instances of one or more payloads (for every running exploit) simultaneously.
Test a list of target URL's against a number of selected exploits.
Allows you to create your own exploits and payloads and share them online.
A number of featured exploits (6) and payloads (39) bundled within the software exploit database:
Testing and exploiting of Local File Inclusion vulnerabilities
Testing and exploiting of Local File Disclosure vulnerabilities
Testing and exploiting of Remote File Inclusion vulnerabilities
Testing and exploiting of SQL Injection vulnerabilities
Testing and exploiting of Remote Command Execution Inclusion vulnerabilities
Testing and exploiting of Server-side Code Injection vulnerabilities
Instructions:1. Run 0x22 Loader.exe
2. Click OK
4. Registration window will open, dont do anything and wait for it to find offsets (Can take some time)
4. When offsets are found it will display in a messagebox. When it appears click OK.
5. Run 0x22 Loader.exe again and use this file every time you wish to use WAppEx.
Descarga: https://mega.nz/#!i050RazJ!5DL-oS8NoT9TOgtffiZ4HkPZ2MVSfztS97bE5k3CcOo
Saludos!
ANTRAX