Vulners Web Scanner

IP, DNS & Security Tools | HackerTarget.com

Quick access to IP, DNS & Network Tools. Check DNS, Whois, ASN, Traceroute, Ping and more. Tools for technical operators. IP, DNS and Security tools for technical systems operators. Instant access to Whois, GeoIP, DNS, Traceroute, Ping, HTTP Headers, Nmap and more all from your browser. Perfect for: - security professionals - network operators - systems administrators - analysts - or simply those who are curious about technical aspects of the Internet While all these tools are available on HackerTarget.com, our Chrome Extension offers quick and easy access, saving you time. Perform external network queries in a single click. HackerTarget.com is an established provider of hosted open source security scanning services such as Port Scanners (Nmap), Vulnerability Scanners (OpenVAS) and Web application security (WordPress, Nikto) testing. Online Nmap Port Scanning has been available from HackerTarget.com since 2007. While continuing to provide a stable hosted vulnerability scanning service the site continues to evolve and provides tactical information to those who manage Internet connected systems. By using hosted security scanning and network testing tools you are able to probe and troubleshoot your networks, firewalls and servers from an external perspective. This testing from outside the network perimeter or firewall simulates probes and scanning that may be performed by a determined attacker. In addition to finding vulnerabilities and security configuration errors in your systems these types of probes will also enable you to test intrusion detection (IDS / IPS) and even incident response processes.

PhotOSINT

OSINT tool for images. Scans page for images with EXIF metadata, while browsing. Also has context menu options for images. Open source OSINT tool for images. Scans page for images with EXIF metadata, while browsing, and shows all images found with EXIF data on popup window. Also provides context menu options for images such as reverse image search in different search engines, and metadata viewer.

CrowdScrape

Scrape web content for indicators of interest and integrate CrowdStrike Intelligence information The CrowdStrike Intelligence Team is proud to announce the release of CrowdScrape version 1.5.0. CrowdScrape is a Chrome Plugin designed to allow you to be able to scrape indicators from various websites and in-browser documents such as PDF reports while matching the data up against CrowdStrike Intelligence. This release provides bug fixes and enables support for customers in all cloud environments, and includes support for the OAuth2-based Intel API, which has replaced the deprecated legacy key-based APIs (see https://falcon.crowdstrike.com/support/documentation for further information on our API). This easy to use tool produces indicator lists that collect: · Domain, IP addresses, URLs, hashes (MD5, SHA1, SHA256) and Bitcoin addresses · On-Screen Tagging of CrowdStrike known indicators, and links to Indicator Search · Matches to CrowdStrike Intelligence with links to reports in CrowdStrike Intel Portal · Integrations with the CrowdStrike Indicator Graph to visualise intelligence In addition, you can use CrowdScrape to copy any indicators to clipboard making it easier to pull OSINT from different sources and converting this to a text file for implementation into your systems.

JS Vulnerability Detector

JavaSript Vulnerability Detector is a result of my Master Thesis at Brno University of Technology, Faculty of Information technology, graduation year 2022. The extension aims to add security features to the end-users of various websites containing vulnerable JavaScript library code. The principle of extension is following: 1. After page loads the extension scans all the JavaScript contained on the page and sends it to background script for processing. 2. If the script contains a known vulnerability (initial version focuses mostly on jQuery), it is tracked and shown in the extension popup. After detection the vulnerable script can be blocked, patched or left as is and only tracked. All data is stored locally and can be cleared by a "Clear" button in the extension popup. There is no server communication going on, no data leaves the browser. Extension runs in 4 modes: 1. disabled - no action 2. analyze - standard analysis only mode - no patching or blocking of vulnerable scripts 3. bloc - vulnerable scripts are removed from website 4. repair - experimental, vulnerable scripts are patched if possible Currently it can detect vulnerable versions of jQuery (all up to 3.5.0) and repair them by updating them in runtime to 3.5.0 and couple more (around 30, including some of lodash, remarkjs, axios, handlebars and other vulnerabilities).