timing_attack Logo

timing_attack

0
Free
Visit Website

Profile web applications, sorting inputs into two categories based on discrepancies in the application's response time. This tool can be used to test and develop known-vulnerable applications. Installation: gem install timing_attack. Usage: timing_attack [options] -u <target> <inputs> -u, --url URL URL of endpoint to profile. 'INPUT' will be replaced with the attack string. -n, --number NUM Requests per input (default: 50). -c, --concurrency NUM Number of concurrent requests (default: 15). -t, --threshold NUM Minimum threshold, in seconds, for meaningfulness (default: 0.025). -p, --post Use POST, not GET. -q, --quiet Quiet mode (don't display progress bars). -b, --brute-force Brute force mode. -i, --inputs-file FILE Read inputs from specified file, one per line. --parameters STR JSON hash of URL parameters. 'INPUT' will be replaced with the attack string. --parameters-file FILE Name of file containing parameters as with --parameters. --headers STR JSON hash of headers. 'INPUT' will be replaced with the attack string. --headers-file FILE Name of file containing headers as with --headers. --body STR JSON hash of parameters to be included in the request body. 'INPUT'

FEATURES

ALTERNATIVES

A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.

Automatic tool for pentesting XSS attacks against different applications

Identifies misconfigured CloudFront domains vulnerable to hijacking

Runtime application security platform that provides vulnerability management, patching, and threat detection at the application level during program execution.

A low overhead rate limiter for your routes

A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL

FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.

ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.