Active Members Fi8sVrs Posted March 26, 2016 Active Members Report Share Posted March 26, 2016 OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. Mth3l3m3nt provides the ability to create or do custom LFI and RFI exploits fast with little or no effort at all. It also enables you to store all your quick wins based on its ability to manage HTTP bots, say no to runaway web shells and yes to centrally managed herds in large penetration testing engagements. Description The purpose of this project is to provide a platform to enable more flexible testing especially in aspects regarding to web security and the OWASP top 10 threats to web applications. This will enable free and opensource collaboration, being a web based tool, it is intended to make offensive security on the web easier and more efficient as it leverages on existing technologies with few dependencies. It is built on purely opensource components. It is intended to build up to a fully fledged web penetration testing framework with extensibility for zero day exploits in minutes to users. Currently the features it offers: Multi-Database Support (JIG,SQLite,MySQL,MongoDB,PostgreSQL,MSSQL) LFI/RFI exploitation Module Web Shell Generator (ASP,PHP,JSP,JSPX,CFM) Payload Encoder and Decoder Custom Web Requester (GET/HEAD/TRACE/OPTIONS/POST) Web Herd (HTTP Bot tool to manage web shells) Client Side Obfuscator String Tools Whois Quick Download The home of the OWASP Mth3l3m3nt Framework is on GitHub. You are encouraged to fork, edit and push your changes back to the project through git or edit the project directly on github. However, if you like you may also download the master repository from the following links: .zip file. .tgz file. Source 1 Quote Link to comment Share on other sites More sharing options...
