摘要:
转自:http://www.lo0.ro/2011/apache-server-2-3-14-denial-of-service-exploit/!/usr/bin/perl -w# Exploit Title: Apache Server 2.3.14 <= Denial of Service exploit (DDOS)# Date: 22/10/2011# Author: Xen0n# Software Link: http://www.apache.org/dyn/closer.cgi# Version: 2.3.14 and older# Tested on: CentOs#f 阅读全文
摘要:
转自:http://www.lo0.ro/2012/php-5-3-x-hash-collision-proof-of-concept-code/Hash collisions in POST Denial-of-service exploitExamples: -) Make a single Request, wait for the response and save the response to output0.html python HashtablePOC.py -u https://host/index.php -v -c 1 -w -o output-) Take down 阅读全文
摘要:
转自:http://www.lo0.ro/2011/top-10-web-application-penetration-testing-tools-actually-11/Well this is not quite a default top ten list (based on witch one is the smarter/faster/better) but just a simple list of applications you can use in a pentest. Free and open source app come first.1. Arachni Arach 阅读全文