Blackhat Arsenal 2012 Releases : HTExploit (HiperText access Exploit) htaccess bypass v0.7 codename Fernet

Blackhat Arsenal 2012 Releases : HTExploit (HiperText access Exploit) htaccess bypass v0.7 codename Fernet

HTExploit !HTExploit (HiperText access Exploit) is an open-source tool written in Python that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process. By using this tool anyone would be able to list the contents of a directory protected this way, bypassing the authentication process.

I was really happy to meet my friends from Argentina and so proud that one of the biggest contributor and ToolsWatch Team Maxi Soler (@maxisoler) was there to demo an awesome piece of tool. Maxi alongside with Matias Katz (@matiaskatz) had also the opportunity to line up as speakers in the Blackhat Briefings.

Maximiliano & Matias at Blackhat Arsenal demoying HTExploit Live for Fun & for Fun

Interview Session during the Defcon of M & M 😉

The tool provides modularity, by allowing the tester to fully perform an analysis on the protected website of the following attacks: SQL Injection, Local File Inclusion, Remote File Inclusion and others.
The main characteristic of this tool is that all of the analyses performed are done inside the protected directory, not from the publicly accessible site.

Features

  • Multiples modules to execute.  
  • Save the output to an specify directory.  
  • HTML Reporting. 
  • Use multiples wordlist to probe against htaccess bypassing. 
  • Mode verbose for a full detailed information.

 Download
Next ToolsTube with Maxi & Matias about HTexploit and exciting new features to come

 

NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"
Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review

Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

Black Hat Arsenal 2024 Next Stop Singapore !

Black Hat Arsenal 2024 Next Stop Singapore !

ToolsWatch introducing Armory at Gisec 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

ToolsWatch introducing Armory at Gisec 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community