Hcon Web browser Security Testing Framework



Abstract

HconSTF is one of the most powerful web browser frameworks for pentesters. There is no need for a Linux distribution to scan targets, test SQL injection on websites, or even change the requests sent to the server: it includes a bunch of tools that can be used from the web browser itself.

I have been using Hcon since 2013 and I find it very useful and powerful. It's my best tool for web tasks in CTF contests :D ! (TH3_1s_N0T_SECRET_ANY_M0R3 :p )


What is Hcon ?!!!

HconSTF is an open source penetration testing framework based on different browser technologies, which assists any security professional in penetration testing or vulnerability scanning assessments. It contains web tools that are powerful for XSS (cross-site scripting), SQL injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. It is also useful to anybody interested in the information security domain: students, security professionals, web developers, manual vulnerability assessments and much more.
Download Hcon
Supports:
[Windows]
[Linux x86,x64]

Some Highlight Features :

  • Categorized and comprehensive toolset 
  • Contains hundreds of tools, features and scripts for different tasks like SQLi, XSS, dorks and OSINT, to name a few
  • HconSTF webUI with online tools (same as the Aqua base version of HconSTF) 
  • Each and every option is configured for penetration testing and Vulnerability assessments 
  • Specially configured and enhanced for gaining easy & solid anonymity 
  • Works for web app testing assessments, especially for the OWASP Top 10
  • Easy to use & collaborative operating-system-like interface
  • Light on Hardware Resources 
  • Portable - no need to install, can work from any USB storage device 
  • Multi-language support (feature in heavy development, translators needed)
  • Works side-by-side with your normal web browser without any conflict issues 
  • Works on both architectures, x86 & x64, on Windows XP, Vista, 7 (works with Ubuntu Linux using Wine)
  • Netbook compatible - user interface is designed for using the framework on small screen sizes
  • Free & Open source and always will be

Categories of tools :

  • Information gathering / Analysis 
  • Editors / Debuggers 
  • Exploitation / Auditing 
  • Anonymity 
  • Passwords 
  • Cryptography 
  • Database Scripting / Automation 
  • Network Utilities 
  • Reporting

Anonymous mode 

This is one of my favorite features of Hcon. The anonymous mode can be turned on and off; it also integrates the proxy tools and Tor proxies by default.




Search engines 

In the HconSTF menu bar you can find all the search engines, listed and ordered by default.



How to use it ?!

Here is a live example: decoding Base64 using the CryptoFox toolbar in Hcon.
hash: Tk9ERU1F


decrypt base64: