Blog | Tools

Tool Review - Fierce by RSnake

Posted on September 27, 2011Link 

rce is a simple but very useful DNS reconnaissance tool written by Robert Hansen (RSnake) that I use on virtually every pentest, vuln assessment, or application security assessment I'm involved in. There's nothing fancy or super-technical about this tool; it's just useful and deserves some mention. It combines the functionality of a handful of recon tools into one. It's original...Continue reading 

Blind SQL Injection & BurpSuite - Like a Boss

Posted on April 22, 2011Link 

SQL injection used to be a lot easier a few years ago when it was less known, web application security was less mature, and errors were often exposed. It's very easy to use a variety of methods to cause errors to display database names, table names, column names, and even row values... when errors are enabled. These days, the SQL...Continue reading 

10 Security Tools You May Not Know About

Posted on January 15, 2011Link 

Fierce is one of the best DNS enumeration tools I've ever used. It's great for DNS servers that do not allow anonymous zone transfer as it includes dictionary-based hostname enumeration.A Perl script that enumerates an HTTPS instances supported SSL versions and ciphers. The best FireFox extension, hands down, for manual web application security assessments. Quick access to client-side information...Continue reading 

Have Questions?
Get Answers