Tools:

  • CANVAS 6.47
    • Includes the VMware 6.5.0/6.5.1 workstation/player breakout “cloudburst” vulnerability
    • Not free, but certainly should be in a penetration testers bag of goodies
  • DVWA – Damn Vulnerable Web App
    • A PHP/MySQL web application that is vulnerable to be used for learning the art of web application security.
    • Author’s blog is ethicalhack3r.co.uk
  • KeyKeriki

Vulnerabilities:

Other News: