The nullsploit engine is a work in progress exploitation framework. Currently only a limited number of exploits are available, but these should be stable across multiple Windows installations. Features...

Over the last year, I have been performing penetrative application tests, and there is a huge variety of different CMS frameworks available to businesses. One of the frameworks I have...

Following a recent pentest I performed for a client I stumbled upon their private SSL certificate. The SSL key was password encrypted, thus could not be used directly without knowing...

A tool I’ve been writing to enumerate the enabled HTTP methods supported on a webserver. Currently only in the initial beta stage, but includes basic checking of files including the...

A simple TFTP Fuzzer I wrote to discover undisclosed bugs within TFTP servers and other simple UDP based protocols. The project is hosted on GitHub and can be found at...

This FTP fuzzer has been used to fuzz and discover a number of previously undisclosed bugs with FTP server software and other plain-text protocols. The project is hosted on GitHub...