PHP Vulnerability Hunter

Overview | Screenshots | Guide | Download | Change Log

A sophisticated white box fuzzer that scans PHP applications for several different classes of vulnerabilities using static and dynamic analysis. By instrumenting application code, PHP Vulnerability Hunter is able to achieve greater code coverage and uncover more bugs.

SnappingTurtle: A Web Exploitation Tool

Overview |  Getting Started |  Documentation |  Download |  Changelog

A cross platform web exploitation tool written in Aphid and compiled into Python. Currently supports exploitation of PHP local file inclusion and SQL injection.

Aphid Programming Language

Overview | Try it online | Download

A hacker-friendly, multiparadigm language intended to be embedded in .NET applications or compiled into other languages like Python or PHP. The internals of Aphid are clean and easy to work with, allowing for rapid creation of derivative domain-specific languages.


Download | Guide | Change Log

FuzzTalk is an XML driven fuzz testing framework that emphasizes extensibility and reusability. While most fuzzing frameworks require in depth programming knowledge, FuzzTalk can test a wide range of network protocols by using simple XML templates. Includes example scripts for fuzzing HTTP, FTP, and SMTP servers.



Create memory corruption exploits with this position independent shellcode for the 32-bit Windows platform.

Bleed Out


Exploit the legendary Heartbleed vulnerability with this easy to use tool.


Overview |  Guide |  Download |  Change Log

HTTP Bog is a slow HTTP denial-of-service tool that works similarly to other attacks, but rather than leveraging request headers or POST data Bog consumes sockets by slowly reading responses.

HTTP Directory Traversal Scanner

Overview | Download | Change Log

Detect directory traversal vulnerabilities in HTTP servers and web applications with this free tool.

Fiddler XSS Inspector

Overview | Download

Search for vulnerabilities in web applications using Fiddler XSS Inspector to detect both reflected and persistent cross-site scripting vulnerabilities.

Fiddler XSRF Inspector

Quick Start Guide | Download

This inspector plugin will help you easily create proof of concepts using requests captured by Fiddler.

Copyright © 2018 AutoSec Tools LLC