References
# References Used
Here you will find a list of references used with this site. This includes sites researched, gems used, libraries used, people who have helped with research, etc.
# Gems and libraries used
OptParse
OptionParser is a class for command-line option analysis. It is much more advanced, yet also easier to use, than GetoptLong, and is a more Ruby-oriented solution.
Reference: http://ruby-doc.org/stdlib-2.2.0/libdoc/optparse/rdoc/OptionParser.html
Mechanize
The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. Form fields can be populated and submitted. Mechanize also keeps track of the sites that you have visited as a history.
Reference: https://github.com/sparklemotion/mechanize
Nokogiri
Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents via XPath or CSS3 selectors.
Reference: https://github.com/sparklemotion/nokogiri
Regex
A Regexp holds a regular expression, used to match a pattern against strings. Regexps are created using the /.../ and %r{...} literals, and by the Regexp::new constructor.
Regular expressions (regexps) are patterns which describe the contents of a string. They’re used for testing whether a string contains a given pattern, or extracting the portions that match. They are created with the /pat/ and %r{pat} literals or the Regexp.new constructor.
Reference: http://ruby-doc.org/core-2.2.0/Regexp.html
TempFile
A utility class for managing temporary files. When you create a Tempfile object, it will create a temporary file with a unique filename. A Tempfile object behaves just like a File object, and you can perform all the usual file operations on it: reading data, writing data, changing its permissions, etc. So although this class does not explicitly document all instance methods supported by File, you can in fact call any File instance method on a Tempfile object.
Reference: http://ruby-doc.org/stdlib-1.9.3/libdoc/tempfile/rdoc/Tempfile.html
# Research done and where
SQL Vulnerability Syntax
SQL injection is a type of web application security vulnerability in which an attacker is able to submit a database SQL command that is executed by a web application, exposing the back-end database. A SQL injection attack can occur when a web application utilizes user-supplied data without proper validation or encoding as part of a command or query. The specially crafted user data tricks the application into executing unintended commands or changing data. SQL injection allows an attacker to create, read, update, alter or delete data stored in the back-end database. In its most common form, a SQL injection attack gives access to sensitive information such as social security numbers, credit card numbers or other financial data. According to Veracode’s State of Software Security Report, SQL injection is one of the most prevalent types of web application security vulnerability.
References: http://www.veracode.com/security/sql-injection
HTTP Servers
Every Website sits on a computer known as a Web server. This server is always connected to the internet. Every Web server that is connected to the Internet is given a unique address made up of a series of four numbers between 0 and 255 separated by periods.
Reference: http://www.tutorialspoint.com/web_developers_guide/web_server_types.htm
Argument Error
Raised when the arguments are wrong and there isn't a more specific Exception class.
Reference: http://ruby-doc.org/core-2.2.0/ArgumentError.html
StackOverflow
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's built and run by you as part of the Stack Exchange network of Q&A sites. With your help, we're working together to build a library of detailed answers to every question about programming.
Reference: http://stackoverflow.com/tour
Webcache
A WebmasterWorld thread reports that some users are seeing the URL webcache.googleusercontent.com being used for the Cache link in the Google search results. Typically, Google does not use a name based URL for the cache link, such as google.com or the one above. Typically, Google would use an IP address.
Reference: https://www.seroundtable.com/archives/021929.html
Blacklist
In computing, a blacklist or block list is a basic access control mechanism that allows through all elements (email addresses, users, passwords, URLs, IP addresses, domain names, file hashes, etc.), except those explicitly mentioned. Those items on the list are denied access.
Reference: https://en.wikipedia.org/wiki/Blacklist_%28computing%29
# Third party tools used
sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.