Giters

magnologan / webfight

Webfigh is a tool for manual analysis of web application security.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

webfight

Webfigh is a tool for manual analysis of web application security.

The tool performs a log parser of Burp (http://portswigger.net/burp/download.html), and performs a series of tests and show notes to an expert analyze:

  1. All requests and parameters to fuzz and data validation tests;
  2. Show all files and javascriopt perform syntax analysis;
  3. Show all flash files, disassembled and grep potential vulnerabilities;
  4. Analyze all headers and do a fingerprint;
  5. Validate security headers (CSP; HSTS, X-Frame-Options)
  6. Create the CSRF PoC for all requests;
  7. And much more ... Make your module ...

Watch Demo:

http://www.youtube.com/watch?v=-xXdoWilR6M&feature=player_embedded

About

Webfigh is a tool for manual analysis of web application security.

Languages

Language:HTML 41.0%Language:JavaScript 31.3%Language:C 11.0%Language:C++ 5.5%Language:CSS 3.5%Language:PHP 3.1%Language:Python 2.3%Language:Bison 1.6%Language:C# 0.7%Language:Ruby 0.1%Language:Shell 0.0%Language:QMake 0.0%