CyberMaterial

10 PenTesting Tools V.1


Find below a short list of 10 useful tools for penetration testing.

1. JMeter

The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior and measure performance. It was originally designed for testing Web Applications but has since expanded to other test functions.

2. Wfuzz

Wfuzz is a tool designed for brute forcing web applications. It can be used to find resources that are not linked (directories, servlets, scripts, etc.), to brute-force GET and POST parameters when checking for different kinds of injection (SQL, XSS, LDAP, etc.), to brute-force form parameters (user/password), for fuzzing, etc.

3. ImmuniWeb On-demand

ImmuniWeb® On-Demand delivers scalable, rapid and DevSecOps-enabled web application penetration testing with tailored remediation guidelines and zero false-positives SLA. It leverages our award-winning AI technology to augment, intensify and accelerate web application penetration testing.

4. Wapiti

Wapiti allows you to audit the security of your websites or web applications. It performs “black-box” scans (it does not study the source code) of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms and their inputs, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

5. ZAP-CLI

A command line tool that wraps the OWASP ZAP API for controlling ZAP and executing quick, targeted attacks.

6. Arachni

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern web applications. It is free, with its source code public and available for review.

7. XSS Hunter

XSS Hunter allows you to find all kinds of cross-site scripting vulnerabilities, including the often-missed blind XSS. The service works by hosting specialized XSS probes which, upon firing, scan the page and send information about the vulnerable page to the XSS Hunter service.

8. Firebug

The story of Firefox and Firebug is synonymous with the rise of the web. We fought the good fight and changed how developers inspect HTML and debug JS in the browser.

9. XSSSniper

xsssniper is a handy XSS discovery tool with mass scanning functionalities. It scans the target URL for GET parameters, injects an XSS payload (Y) into them, and parses the response for artifacts of the injection (Z).

10. Zaproxy

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers.

Tags: arachni, DevSecOps, Firebug, PenTesting, Tools, Wapiti, Wfuzz, XSS Hunter, Xsssniper, Zaproxy