Exploit-Me Series – Free Firefox Application Penetration Testing Suite Launch

Expo Theatre (Hall G) - Feedback     

Bookmark and Share

Nish Bhalla
Rohit Sethi

Security Compass is pleased to announce the release of the free Exploit-Me series of application penetration testing tools at SecTor.

The toolset is made specifically for security consultants, developers and QA staff to facilitate testing of applications. The Exploit-Me series of tools are plug-ins to Firefox that allow for easy “right-click” style parameter fuzzing for web applications.

Included in the Exploit-Me series are:

  1. SQL Inject-Me – Point to any HTML field in your Firefox browser and try to inject it with an individual SQL injection payload or multiple-payloads via fuzzing by simply right clicking on the field and selecting “SQL-Inject Me”.
  2. XSS-Me – As with SQL-Inject me, point to any field on an HTML document and attempt to perform Cross-site scripting by right-clicking and choosing “XSS-Me”.
  3. Web Service Exploit-Me – Enter a valid WSDL location and try fuzzing various parameters in a simple-to-use HTML interface in Firefox using Web Service Exploit-Me. The interface will also allow for you to attempt SQL-Injection and XSS through web services.