Ethical Hacking Tool [XSS,SQLi,RFI/LFI...]

[internaut]

Hello, I'm currently studying network and systems programming. I was proposed for a project, because it is the last year on the school.

I decided to develop a security tool because I have some knowledge in pentesting, and it was a challenge for me to do something related with programming and security. Both software source codes are available on my ****** (******.com/joaovarelas/vuln-scanner)

The main app, the scanner, was coded in C++ with the help of Qt IDE. It allows to scan vulnerable services in a target machine, test cross-site scripting (XSS) in web applications, SQL injection, local and remote file inclusion, and many others.

The second app, the vuln database, was coded in PHP and MySQL. It will save all the scans done with the main application for further analysis and exploitation.

I'm sharing with you guys, because I would like to know what you think about the idea. Until now, I'm still having a nice feedback from it.

Screenshots:

camo.******userconten*****m/c0b1a787ef3accad365e2f7f1d6de584b89d01aa/687474703a2f2f692e6779617a6f2e636f6d2f333664663531 31303433613762376431396434333665386135363336346330 302e706e67

camo.******userconten*****m/354cac712b0262b10a41d53eb0db1b913001a22e/687474703a2f2f692e6779617a6f2e636f6d2f373262366537 65363134373833356265383536343563633163313733663965 352e706e67


Small video:

*****************/file/d/0BwPFOxkRfkGgb1d3b2ZDLTc0OXc/edit

Download: source code + binaries (******.com/joaovarelas/vuln-scanner)

Thanks in advance.

[R3Dx666†]

whats the point of this post? just to show screenshots?

[internaut]

What is the point of your comment? I'm releasing the source code of my application in the right section because I would like to have some feedback. Is written anywhere in the rules that it is only allowed to post game hacking code?

Regards, take care