Hackazon
Hackazon is a free, vulnerable test site with an online storefront to train and test IT security professionals on various vulnerabilities like SQL Injection and cross-site scripting.
Joint Advanced Defect Assessment framework for android applications (JAADAS, original name JADE renamed to avoid potential trademark issue), written in 2014. JAADAS is a tool written in Java and Scala with the power of Soot to provide both interprocedure and intraprocedure static analysis for android applications. Its features include API misuse analysis, local-denial-of-service (intent crash) analysis, inter-procedure style taint flow analysis (from intent to sensitive API, i.e. getting a parcelable from intent, and use it to start activity). JAADAS can also combines multidex into one and analysis them altogether. Most of JAADAS's detection capabilities can be defined in groovy config file and text file (soot's source and sink file). USAGE JAADAS is packed into a single jar archive and I provide a default vulnerability rules file. There're two major mode for JAADAS. FullAnalysis FullAnalysis unleash the full power of JAADAS and Soot, including inter-procedure whole-application analysis and inter-procedure dataflow analysis. But it may also consume much time and may not finish on machines with small memory
Hackazon is a free, vulnerable test site with an online storefront to train and test IT security professionals on various vulnerabilities like SQL Injection and cross-site scripting.
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
Instrumentation-based approach for resolving reflective calls in Android apps.
A tool to profile web applications based on response time discrepancies.
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
ModSecurity is an open-source web application firewall that provides a flexible and scalable way to monitor and control HTTP traffic.