Sort by new | name

Armory

Serva32/64

A small, lightweight multi-server engine.Combines multiple features into one program. Includes: HTTP server FTP server TFTP server TFTP client DHCP server proxyDHCP server 1 BINL server 2 DNS server SNTP server SYSLOG server It was conceived mainly as an Automated PXE Server Solution Accelerator. It bundles on a single exe ...

Network Utilities Web Applications


Netsparker

Netsparker® can find and report security issues such as SQL Injection and Cross-site Scripting (XSS) in all web applications regardless of the platform and the technology they are built on. Netsparker's unique detection and exploitation techniques allows it to be dead accurate in reporting hence it's the first and the ...

Vulnerability Scanning Web Applications


wget

GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols. It is a non-interactive commandline tool, so it may easily be called from scripts, cron jobs, terminals without X-Windows support, etc. GNU Wget has many features to make retrieving large ...

Network Utilities Web Applications


WebScarab

WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, ...

Web Applications


Tamper Data

Firefox plugin by Adam Judson. Use Tamper Data to view and modify HTTP/HTTPS headers and post parameters, trace and time http response/requests, and security test web applications by modifying POST parameters.

Browser Plugins Packet Analysis Web Applications


Samurai Web Testing Framework

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection ...

Exploitation Vulnerability Scanning Web Applications


ratproxy

A semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments. Detects and prioritizes broad classes of security problems, such as dynamic ...

Vulnerability Scanning Web Applications


Paros

Paros is an HTTP and HTTPS proxy application written in Java. It allows for easy interception and manipulation of web traffic to and from a client.

Web Applications


Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated ...

Vulnerability Scanning Web Applications



Burp Suite

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting ...

Vulnerability Scanning Web Applications


Hackvertor

Hackvertor is an online conversion tool which can serve as many tools to aide browser hacking, XSS testing, SQL injection, fuzzing, hashing, and lots more. Thanks to Gareth Heyes for suggesting this tool!

Encryption Exploitation Web Applications