DVWA - Brute Force (High Level) - Anti-CSRF Tokens Logo

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

0
Free
Visit Website

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues).For the final time, let's pretend we do not know any credentials for DVWA....Let's play dumb and brute force DVWA... once and for all! Read More

FEATURES

ALTERNATIVES

Automated vulnerability discovery tool for Cake PHP framework with limited false positives.

A repository of open-source plugins for Rapid7 InsightConnect

A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.

A VMware image for penetration testing purposes

A repository containing hourly-updated data dumps of bug bounty platform scopes

Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.

A ruby script that scans for vulnerable 3rd-party web applications

A series of small test cases designed to exercise different parts of a static security analyzer