Exploit-Me

Exploit-Me is a suite of tools and applications designed to help with application security testing.

The Exploit-Me Firefox plugin series was originally introduced at the SecTor conference in Toronto. The slides for the presentation are available for download. Along with this SecTor is making the audio of the talk available.

Exploit-Me Mobile (Mobile Application)

Exploit-Me Mobile (EMM) is an open source project demonstrating common mobile application vulnerabilities in the iOS and Android platforms. ExploitMe Mobile is a training platform built based on the common mobile application security pitfalls. The entire source of the project can be found on github - github.com/SecurityCompass

XSS-Me (Firefox Plugin)

Cross-Site Scripting (XSS) is a common flaw found in todays web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary flaws. XSS-Me is the Exploit-Me tool used to test for reflected XSS vulnerabilities.

SQL Inject-Me (Firefox Plugin)

SQL Injection vulnerabilites can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. SQL Inject-Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities.

Access-Me (Firefox Plugin)

Access vulnerabilites in an application can allow an attacker to access resources without being authenticated. Access-Me is the Exploit-Me tool used to test for Access vulnerabilities.