Security Compass is pleased to announce the release of the free Exploit-Me series of application penetration testing tools at SecTor.
The toolset is made specifically for security consultants, developers and QA staff to facilitate testing of applications. The Exploit-Me series of tools are plug-ins to Firefox that allow for easy “right-click” style parameter fuzzing for web applications.
Included in the Exploit-Me series are:
- SQL Inject-Me – Point to any HTML field in your Firefox browser and try to inject it with an individual SQL injection payload or multiple-payloads via fuzzing by simply right clicking on the field and selecting “SQL-Inject Me”.
- XSS-Me – As with SQL-Inject me, point to any field on an HTML document and attempt to perform Cross-site scripting by right-clicking and choosing “XSS-Me”.
- Web Service Exploit-Me – Enter a valid WSDL location and try fuzzing various parameters in a simple-to-use HTML interface in Firefox using Web Service Exploit-Me. The interface will also allow for you to attempt SQL-Injection and XSS through web services.