Whether you're a security researcher, developer, or organization safeguarding an AI-driven solution, "PenTestPrompt" streamlines the security testing process for LLMs specially to uncover prompt injection vulnerability.
Testers have a comprehensive report of the application’s probable prompt injection vulnerability with evidence.
File Injector is a tool designed to aid creation of documents tampered with prompt injection attacks to assess the robustness of AI systems for indirect prompt injection attacks. It lets you embed hidden instructions or prompts within various file types. This way, you can easily create test cases to evaluate how your AI applications handles such embedded commands.
‘lambdaScanner’ is a Python-based toolkit for penetration testing AWS Lambda functions. It includes a set of boto3-powered scripts that help testers identify security issues in both deployment configurations and function code. The toolkit supports checks for common weaknesses such as overly broad permissions, SQL injection, command execution, and other logic or configuration flaws.
It is not an automated scanner—testers must craft custom requests and payloads according to the event sources (e.g., S3, DynamoDB, SQS, API Gateway) that trigger the Lambda function. This makes the toolkit flexible for evaluating diverse event patterns and payload behaviors.
The package also includes ‘lambdaProtect’, which can be integrated into Lambda functions to safeguard incoming events and outgoing responses by enforcing additional validation controls.
wsScanner is a toolkit for web services scanning and vulnerability detection. It has the following utilities:
DOM as seen in all the aforementioned cases needs to be analysed in many aspects. DOMTracer is a tool to capture real time DOM context along with JavaScript’s. One can observe the DOM in detail using this utility. It aids one to fetch interesting entry points and calls made during ‘Dynamic DOM Manipulation’. Using this tool one can identify various vulnerabilities like:
XAPScan is a tool to dissect and understand RIA-based applications written using Microsoft’s Silverlight technology. A Silverlight application creates a XAP file including DLLs and other configuration files. It is imperative to understand client side code and to discover possible vulnerabilities associated with it. One can dissect a XAP file and analyse its contents using this tool:
This tool helps in fuzzing next generation applications running on Web/enterprise 2.0 platform. It can be used with Web2Proxy by harvesting JSON, XML, JS-Object etc. from already profiled HTTP requests. By adding various fuzz loads and injecting them into particular requests, one can encode fuzz load in various forms to pollute/poison Web 2.0 streams. It is possible to analyse responses by using various techniques like response behaviour, stream structure or patterns.
This tool contains a sample payload, which along with the attached pdf/slides would help one understand the tool’s behaviour better.
This tool helps in assessing next generation applications running on Web/enterprise 2.0 platform. It profiles HTTP requests and responses at runtime by configuring it as proxy. It identifies structures like JSON, XML, XML-RPC etc. along with key HTTP parameters like cookies, login forms, hidden values etc. Based on profile one can take a decision to trap and fuzz requests to identify potential vulnerabilities.
This tool needs .NET framework and is tested on Windows platform.
AppPrint scans IP range, IP or host for Web and Application servers. It scans port 80 for a particular target and tries to deduce the banner using httprint methodology. This gives a best guessed banner for the web server. In the next step it uses a method of forced plug-in invoke and scan for application server type. At this point it tries to fingerprint Tomcat, WebLogic, WebSphere, Orion, ColdFusion and Resin. It also fingerprints Web 2.0 libraries and components.
It requires .NET framework installed.
This is a simple utility which runs against a target site and looks for external references and cross domain malicious injections. There are several sites which get manipulated with these type of injections and are eventually compromised. These sites get registered with stopbadware and other databases as well. This tool helps in the initial scan to look for obvious injections which use <iframe> and <script> tags as defined in the regex file.
Scanweb2.0 is a set of ruby scripts which can help in assessing Web 2.0 applications. Here is a list of things it can do:
This tool is designed to improve the testing capability of White-Box Testing, where one needs to scan the application code completely for various vulnerabilities like XSS, SQL Injection, CRUD/FLS checks etc. This tool, while tracing the code base, aids in discovering these vulnerable points along the code. It mainly works on the following two areas:
This tool needs .NET framework support for its execution.
DOM, as seen in all the aforementioned cases, needs to be analysed in many aspects. DOMTracer is a tool to capture real-time DOM context along with JavaScript. One can observe the DOM in detail using this utility. It aids one in fetching interesting entry points and calls made during ‘Dynamic DOM Manipulation’. Various vulnerabilities like DOM-based XSS, vulnerable calls, same-origin bypass calls, etc. can be identified using this tool.
This tool is a Firefox extension written using the XUL Platform and JavaScript language majorly.
This tool is used in analysing application (web/mobile) .NET assemblies, thick client desktop or Silverlight applications during penetration testing. By analysing, it is possible to determine the internal logic by fetching a hardcoded string within their respective calls or functions. The fetched hardcoded strings like file-path, connection strings, usernames, passwords, crypto usages etc. help in enhancing guided testing across the application by building a threat model, which in turn helps in defining possible attack vectors and their target locations.
IL Text helps in various scenarios where one can supply single or multiple assemblies and select options to grab strings along with their target calls. In the analysis phase, the tool will go to each function call step by step and also display the function names which are called internally. This allows the pen tester to get an idea about the context in which this API or string is implemented in the code. For example: - If one observes a string “test123” in the assembly, it is very difficult to figure out the context in which the string is used from the IL dump but if it is mapped to a function, say “Login” function, then it can be a hardcoded password or possible backdoor.
Microsoft’s .NET framework includes two interfaces – IHTTPModule and IHTTPHandler. These two interfaces can be leveraged to provide application-level defence customized to application-level, folder-level or variable-level. This can act as the first line of defence, before any incoming request touches the Web Application source code level. This is Web Application defence at the gates, for the .NET framework on IIS.
Web2wall is a simple binary module which can be loaded on one’s Web 2.0 applications. One can defend the application layer code by using regex patterns; this can help in filtering XML and JSON streams.
ScanDroid reverse engineers an android application – it scans through the code and detects possible vulnerabilities. It points out some interesting entry points and calls, which can be analysed for vulnerabilities by the user. This tool runs on Ruby and using it one can:
Android is one of the leading operating systems for smart phones and tablets with nearly 80% market share in the smart phone market. With the increase in the use of Android, there is an increase in malware/attack agents attacking Android users and devices with malicious code and intent. With this increase it is imperative to have information and a profile of the device from a system perspective. A periodic scan of the device will help a user to understand and analyse the changes made to the system over a certain period. DumpDroid is a tool that caters to this objective – it quickly scans and builds a profile of the device.
DumpDroid collects information about the device’s current posture and provides a snapshot of the same to the user for analysis. It categorizes information into different sections i.e. OS information, running services information, hardware information, system application information, user installed applications, network information, browser information and call log information. One can quickly go through this report and identify the potential loopholes and permission issues. It marks the applications, of which it is suspicious about, having dangerous permissions so one can decide on its impact. DumpDroid allows running scan by customizing profile and scanning options. DumpDroid presents the report in a simple HTML format.
One of the key attribute under ‘Application’ section in a manifest file is ‘Debuggable’ which describes whether the application is in debug mode or not. CheckDebuggable is a Ruby script which takes an APK file, extracted using ‘Apktool’, as input to check whether the ‘Debuggable’ flag is set to true.
In order to run the CheckDebuggable script, the ‘Apktool’ should be in the same directory. For Linux, execute permission should be assigned. This tool runs on Ruby. The command to run the script is: -
CheckDebuggable.rb -f
Example:
CheckDebuggable.rb -f DumpDroid.apk
Mobile application hacking and security is becoming a major concern in today’s world – especially with BYOD and user’s rooting their own devices. The release cycle of mobile applications is quite frequent compared to that of web applications making it imperative to test these applications from the security/privacy standpoint before launching them. Automated scanning of static/dynamic web applications has its own limitations due to which vulnerability detection is not accurate. Hence, manual review of applications plays a key role in vulnerability detection. We can make some tools which would reduce the time for some tedious and time consuming processes.
Amongst mobile attacks and device enumerations, local storage is a key target for attacks and a potential exploit by information harvesting. It affects the security and privacy of the user and corporates. FSDroid is an automated program to penetrate and analyse the local storage of the most widely used mobile platform – Android. FSDroid leverages system calls provided in SDK to monitor file system and help in identifying the files/directories that have been modified/accessed by any target applications. It can be installed on an emulator, with an objective to monitor the file system calls and review the content while the application is running in order to discover potential vulnerabilities.
It is an Android Application and can be installed using:
#adb install FSDroid.apk
Amongst the mobile attack vectors and security weaknesses, local storage and its misuse is considered as a key security concern. Unlike android, iOS does not provide any API to monitor the file system directly. One needs to dig in to the files/directories to find information stored in local storage across applications. Since looking into each file in the directory is a tedious and time consuming process, it would be helpful to have a simple utility to penetrate and analyse the local storage in an iOS platform.
iAppliScan is this automated tool for review of iOS applications. Taking few parameters as input, it gives one pointers to possible vulnerabilities or weaknesses of the applications. The current version of iAppliScan needs a jailbroken device with SSH access to interface. The device and iAppliScan need to be in the same network with access. Some of the interesting features of iAppliScan are:
iAppliScan lets you automate the review of the iOS application with passing few parameters. It gives pointers to possible vulnerabilities or weakness of the application.