Posts

Showing posts from February, 2013

Mercury Framework Android Vulnerability Assessment

Image
Mercury is a framework for exploring the Android platform to find vulnerability and share proof-of-concept exploits . Mercury allows you to assume the role of a low-privileged Android app, and to interact with both other apps and the system. Use dynamic analysis on Android applications and devices for quicker vulnerability assessments . Share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices. Write custom tests and exploits, using the easy extensions interface. Mercury does all of this over the network: it does not require ADB. Mercury framework android vulnerability assessment features : - Interact with the 4 IPC endpoints : activities, broadcast receivers, content providers and services. - Use a proper shell that allows you to play with the underlying linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see). - Find information on installed packages with optional sear...

WPScan Android Vulnerability WordPress Security Scanner Tool

Image
WPScan is android vulnerability WordPress security scanner tool written in java which attempts to find known security weaknesses within WordPress installations. Its intended use it to be for security professionals or WordPress administrators to asses the security posture of their WordPress installations. So WPScan for Android is dedicated as a android penetration testing tool and security vulnerability scanner in the WordPress blogging platform, developed by Alessio Dalla Piazza . WPScan android vulnerability WordPress security scanner tool features : - Analysis of WordPress - Identification of vulnerability (based on the version of WP) - Enumeration of users - Recognition of installed plugins (html + analiycs brute force) - Recognition of the included themes (html + analytics brute force) - Finding the TimThumb 0day. [+] Rembember! This is a hacking tool for only test your blog if u have perrmission. And remember again! It is absolutely illegal a violation of federal law...