Web Form Password Brute Force with FireForce

January 7, 2011January 8, 2011 ~ davehardy20 ~ 3 Comments

I spent many hours today playing around with DVWA – (Damn Vulnerable Web App), from Randomstorm, brushing up on my web app pentesting skills, to be honest its been a long time and I really need to get back on top of this.

Anyways, after going through all the usual SQL injection, XSS stuff I thought I’d have a go at the brute forcing part of the app.

Well after what seemed like days I gave up, with little or no success – I’d tried the usual suspect for ‘bruting’ the password – Hydra.

Until I Googled around and found a Firefox addon called ‘Fireforce’ the article that I found is here Dark Reading

The website for the tool is here SCRT ,there is a manual in english too. Continue reading “Web Form Password Brute Force with FireForce” →

xStorm Cloud Based Vulnerability Scanner from RandomStorm

September 30, 2010September 30, 2010 ~ davehardy20 ~ 2 Comments

This is a follow up from my recent posts about the company RandomStorm and its products.

After my initial phone conversation they sent me a complementary access to their xStorm Cloud Based Vulnerability Scanner.

Well recently I had sometime to investigate, these are my findings, hope you enjoy.

First off this is only a brief look at this product, there is probably so much more to it than I can explore here with the limited trial that RandomStorm gave me.

OK, first your have to start up your browser, I choose Google Chrome, but Firefox or even Internet Explorer will suffice.

You will be met with a login screen

Continue reading “xStorm Cloud Based Vulnerability Scanner from RandomStorm” →

RSMangler – Free Tool from RandomStorm

September 20, 2010January 7, 2011 ~ davehardy20 ~ 1 Comment

In my previous post I mentioned a company called RandomStorm and some of the products they have, well one of those products is free and its called RSMangler, basically is word-list generator with a few extras, that can be used with tools like John The Ripper.

Its incredibly easy to use and creates really excellent word-lists in no time all.

Continue reading “RSMangler – Free Tool from RandomStorm” →

RandomStorm – Security Products & Services

September 17, 2010September 19, 2010 ~ davehardy20 ~ 1 Comment

Just had a phone conversation with a company called RandomStorm – this name rang a bell but I couldn’t remember where from.

Anyways just had a quick look see on their website www.randomstorm.com and they have some interesting stuff.

Continue reading “RandomStorm – Security Products & Services” →