Welcome to our Lab

We at AppSec Labs are proud to lead different research projects, and to advertise problems and their solutions in the different aspects of the fields of information security and hacking.

In fact, we are talking about full development cycles; started by research at AppSec Labs, followed by lectures in global hacking and information security conferences and concluded with whitepapers, books and tools.

Everything, of course, is published as a contribution to the community of security researchers for the purpose of joint research and continued development and to companies for whom these tools are often the only option to continue with the action the tool enables.

Choose a tool from the list below to go to the tool’s page:

  • AppUse

    Platform for mobile application security testing in the Android environment

  • iNalyzer

    iOS penetration testing framework

  • WCF Toolkit

    The WCF Toolkit is a non-commercial tool that can test WCF Endpoints and full WCF Client-Server applications

  • ProKSy

    A TCP Proxy with Java KeyStore Handling to Support SSL/TLS connections and bypassing Key-Pinning.

  • PT Manager

    Penetration Test Vulnerabilities Manager extension for Burp Suite

  • Autorize

    Automatic authorization enforcement detection extension for Burp Suite

  • SSL Analyzer

    The SSL Analyzer is designed for website owners and security testers

  • Belch

    Belch is a binary protocol pen-testing tool

  • Advanced Packet Editor

    Advanced Packet Editor (APE) is an open source packet editor for viewing and editing TCP and HTTP communication

  • Web Socket Tester

    A tool for testing web sockets (supports both encrypted and unencrypted channels)

  • CSRF PoC Generator

    A tool which can help identify CSRF vulnerability by creating a CSRF proof of concept (PoC) with the specified parameters

  • Show Cookies

    A page that lists the cookies of the current website

  • AppSec Labs - Phishing

    A tool which for generating a phishing page from the given page as a proof of concept (PoC)

  • Cookie PoC

    A tool for stealing cookies by HTML attribute of by XSS with script tags for proof of concept (PoC)

  • XSS Snapshotter

    The script in this page provides a way to take a web “screen shot” via XSS