Femida Logo

Femida

0
Free
Visit Website

Automated blind-xss search for Burp Suite Femida is a tool that helps you find blind XSS vulnerabilities in your web application. It uses Burp Suite as a proxy to intercept and analyze HTTP requests. Femida is a Python script that can be run from the command line. It's a great tool for security researchers and penetration testers who want to automate their blind XSS searches. Femida is open-source and free to use. It's available on GitHub and can be easily installed using pip.

FEATURES

ALTERNATIVES

A Yara ruleset for detecting PHP shells and other webserver malware.

FLARE Obfuscated String Solver (FLOSS) automatically extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.

A collection of YARA rules for public use, built from intelligence profiles and file work.

A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.

A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence

Compact C framework for analyzing suspected malware documents and detecting exploits and embedded executables.

Python 3 tool for parsing Yara rules with ongoing development.

VxSig is a tool to automatically generate AV byte signatures from similar binaries.