OWASP Mth3l3m3nt Framework

August 12, 2019

This article is from  Open Source Hacking Tools edition, that you can download for free if you have an account on our website. 

OWASP Mth3l3m3nt (Modular Threat Handling Element) Framework is a simple and portable set of utilities designed to make the life of a penetration tester easy in verifying some key elements/artefacts on the go more easily. The main features are:

  • Multi-Database Support (JIG, SQLite, MySQL, MongoDB, PostgreSQL, MSSQL)
  • LFI/RFI exploitation Module
  • Web Shell Generator (ASP, PHP, JSP, JSPX, CFM)
  • Payload Encoder and Decoder
  • Custom Web Requester (GET/HEAD/TRACE/OPTIONS/POST)
  • Web Herd (HTTP Bot tool to manage web shells)
  • Client Side Obfuscator
  • String Tools
  • Whois
  • Cookie Theft Database (CTDB)

Payload Store

This module was built to aid in a few things; during pentests, we mostly come up with payloads on the fly that we often lose sight of when re-performing or encountering similar targets. The elements that are stored here would....

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4


We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.