Websecurify

Regular updates about Websecurify free and premium website scanners, proxies, fuzzers and insight knowledge about SQL Injection, Cross-site Scripting and other vulnerabilities

Hack Like A Pro In The Arena

Arena is a very powerful tool, which you can use in all kinds of situations - not just for encoding and decoding data into various formats. With today's update we have made it even more useful and now it is suitable for writing your own tools powered by Websecurify's client-side API.

Screenshot 01

The screenshot above demonstrates a HTTP Basic Authentication bruteforcer we have created in just a few minutes, which you can get from the official GitHub project. This script is relatively simple but it does a good job at demonstrating the core API features such as the ability to make cross-domain requests. In the future we will be exposing various capabilities from the scanners and fuzzers as well, which you will be able to reuse in your own tools.

At this stage Arena is not extensively documented. We've included a help page explaining some of the commands and methods available out of the box. It is still work in progress and we will be extending it as we go. Tutorials should appear on our learning portal soon.

There you have it - a simple tool but very powerful in experienced hands.

pdp

Petko D. Petkov (pdp), is founder of Websecurify and frontman of the GNUCITIZEN Information Security Think Tank. pdp is a recognized information security researcher, security tools developer, penetration tester, frequent speaker at industry events, and published author who has contributed to several best-selling books in the field of information security.

Comments Powered ByDisqus