JHijack

From OWASP
Jump to: navigation, search

Description

A simple Java Fuzzer mainly used for numeric session hijacking and parameter enumeration. Developed by Yangon Ethical Hacker Group, http://yehg.net.


Demonstrations

Session Hijacking http://yehg.net/lab/pr0js/files.php/webgoat_sessionman_sessionhijackingwithjhijack.zip

BlindSQLInjection http://yehg.net/lab/pr0js/files.php/webgoat_injectionflaws_blindsqlinjection.zip


Requirements

JRE/JDK 1.4 or above


Download

http://yehg.net/lab/pr0js/files.php/jhijackv0.1beta.zip http://downloads.sourceforge.net/project/jhijack/jhijack/latest/JHijack0.2-beta.zip