Oedipus is an open source web application security analysis and testing suite written in Ruby by Penetration Testers for Penetration Testers. It is capable of parsing different types of log files off-line and identifying security vulnerabilities. Using the analyzed information, Oedipus can dynamically test web sites for application and web server vulnerabilities.
Oedipus can be broken down into 4 main components:
Parsers the Oedipus or IEnterceptor file, feeding each request to a dynamically loaded predefined security plug-in on the fly.
Using the results from the Analyzer and the Scanner, Oedipus produces several well formatted reports designed for the Penetration Tester. The Scanner report can be interactively used to verify the results of the potential vulnerabilities discovered.
Using the above identified security vulnerabilities, a number of tools are provided to analyze and potentially exploit the vulnerability.
You can read more at:
- Radare – The Reverse Engineering Framework
- ZMap – Fast Open-Source Network Scanner
- Arachni v1.0 Released – Web Application Security Scanner Framework
- Hook Analyser 3.1 – Malware Analysis Tool
- Security Compass Web Application Analysis Tool – SWAAT
- Samhain v.2.5.9c – Open Source Host-Based Intrusion Detection System (HIDS)
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,875,085 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,069,580 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 627,352 views