Security through data

MAIN

  • Home
  • Alerts
  • Blog
  • Events
  • Incidents
  • Tutorials

FEATURED

  • Phishing
  • Malware
  • Deepfake
  • Quantum Computing

COMPANY

  • About us
  • Advertise
  • Legal & Policy
Cybermaterial
  • CATEGORIES
    • Alerts
    • APIs
    • Apps
    • Blog
    • Cyber101
    • Document
    • Entertainment
    • Learning
    • Quote
    • Stat
    • Tool
No Result
View All Result
Contact Us
Newsletter
Cybermaterial
  • CATEGORIES
    • Alerts
    • APIs
    • Apps
    • Blog
    • Cyber101
    • Document
    • Entertainment
    • Learning
    • Quote
    • Stat
    • Tool
No Result
View All Result
Contact Us
Newsletter
Cybermaterial
No Result
View All Result

10 PenTesting Tools V.1

in Software, Tool
4 min read

Find below a short list of 10 useful tools for penetration testing.

1. JMeter

The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior and measure performance. It was originally designed for testing Web Applications but has since expanded to other test functions.

2. Wfuzz

Wfuzz is a tool designed for brute forcing Web Applications, it can be used for finding resources not linked (directories, servlets, scripts, etc), bruteforce GET and POST parameters for checking different kind of injections (SQL, XSS, LDAP,etc), bruteforce Forms parameters (User/Password), Fuzzing,etc.

3. ImmuniWeb On-demand

ImmuniWeb® On-Demand delivers scalable, rapid and DevSecOps-enabled web application penetration testing with tailored remediation guidelines and zero false-positives SLA. It leverages our award-winning AI technology to augment, intensify and accelerate web application penetration testing.

4. Wapiti

Wapiti allows you to audit the security of your websites or web applications. It performs “black-box” scans (it does not study the source code) of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms and their inputs, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

5. ZAP-CLI

A command line tool that wraps the OWASP ZAP API for controlling ZAP and executing quick, targeted attacks.

6. Arachni

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern web applications. It is free, with its source code public and available for review.

7. XSS Hunter

XSS Hunter allows you to find all kinds of cross-site scripting vulnerabilities, including the often-missed blind XSS. The service works by hosting specialized XSS probes which, upon firing, scan the page and send information about the vulnerable page to the XSS Hunter service.

8. FireBug

The story of Firefox and Firebug are synonymous with the rise of the web. We fought the good fight and changed how developers inspect HTML and debug JS in the browser.

9. XSSSniper

xsssniper is an handy xss discovery tool with mass scanning functionalities. What it does is scanning target URL for GET parameters and then inject an XSS payload (Y) into them and parse the response for artifacts of the injection (Z).

10. Zaproxy

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers.

Tags: arachniFirebugjmeterPenTestingToolsWapitiWfuzzXSS HunterXsssniperzap-cliZaproxy
33
VIEWS

Related Posts

10 PenTesting Tools V.1
Software

Arachni

Burp Suite
Software

Burp Suite

Tool: Open Threat Exchange (AT&T)
Software

Tool: Open Threat Exchange (AT&T)

MORE

Stat

93.1% of Human Risk Factors involve employees using old passwords for accounts

Book

Book: Superintelligence: Paths, Dangers, Strategies

Movie

Three Days of the Condor (1975)

Stat

The cybersecurity industry needs a 62% talent-increase to meet business demands.

ADVERTISEMENT

Tags

Books Cyber Definition Cybersecurity Hackers Malware Memes Movies Quantum Computing Software Word of the day

© 2021 | CyberMaterial | All rights reserved.

SECURITY THROUGH DATA

No Result
View All Result
  • Home
  • Blog
  • Data
  • Directory
  • Events
  • Tutorials
  • CyberDecoded
  • Stat
  • CyberStory
  • CyberTips
  • Cyber Weekly

© 2020 CyberMaterial - Cyber Decoded.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.