Navigation
MasterBugs
I originally wrote MasterBugs as a proof-of-concept program. For a few years, it was buried deep on my hard drive until one day I needed a program whereby I could demonstrate various application-layer security flaws. After some updating to add flaws to MasterBugs, it served the purpose. I continue to add flaws to the program.
This software is composed of legacy ASP scripts (VBscript), client-side javascripts and a Microsoft SQL Server database - and it is riddled with security flaws.
In Web Hacker Boot Camp you will find step-by-step directions for how many of the flaws are exploited and tips on how to find similar flaws in your own applications.
MasterBugs is now being released under the GNU open-source license.
Get it from the Downloads page.
Web Hacker Boot Camp
This hands-on, self-paced training kit walks you through various application-layer attacks, step-by-step. Understand how hackers exploit common mistakes made by web developers.