Tag Archive | "owasp"

Advertisements


31 May 2015 | 2,256 views

OWASP Zed Attack Proxy – Integrated Penetration Testing Tool

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as […]

Continue Reading


04 June 2014 | 1,917 views

OWASP NINJA-PingU – High Performance Large Scale Network Scanner

NINJA-PingU (NINJA-PingU Is Not Just A Ping Utility) is a free open-source high performance network scanner tool for large scale analysis. It has been designed with performance as its primary goal and developed as a framework to allow easy plugin integration. Essentially it’s a high performance, large scale network scanner, the likes of which we […]

Continue Reading


07 October 2013 | 3,846 views

Mutillidae – Vulnerable Web-Application To Learn Web Hacking

OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiest to learn web hacking. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP for users who do not want to administrate a webserver. It is pre-installed on SamuraiWTF, Rapid7 Metasploitable-2, and OWASP BWA. The […]

Continue Reading


12 June 2013 | 3,006 views

OWASP Bricks – Modular Deliberately Vulnerable Web Application

Bricks, a deliberately vulnerable web application built on PHP & MySQL focuses on variations of commonly seen application security vulnerabilities & exploits, which can be exploited using tools (Mantra & ZAP). The mission is to ‘break the bricks’. Road Map Demonstrate maximum variations of most common vulnerabilities Help people to learn the need of secure […]

Continue Reading


06 December 2012 | 2,708 views

TLSSLed v1.2 – Evaluate The Security Of A Target SSL Or TLS (HTTPS) Web Server Implementation

When running web application security assessments it is mandatory to evaluate the security stance of the SSL/TLS (HTTPS) implementation and configuration. OWASP has a couple of references the author strongly recommends taking a look at, the “OWASP-CM-001: Testing for SSL-TLS” checks, part of the OWASP Testing Guide v3, and the Transport Layer Protection Cheat Sheet. […]

Continue Reading


01 November 2011 | 14,719 views

DirBuster – Brute Force Directories & Files Names

DirBuster is another great tool from the OWASP chaps, it’s basically a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. […]

Continue Reading


20 June 2011 | 11,167 views

Zed Attack Proxy – ZAProxy v1.3.0 Released – Integrated Penetration Testing Tool

It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range […]

Continue Reading


26 April 2011 | 11,004 views

OWASP Hatkit Proxy Project – HTTP/TCP Intercepting Proxy Tool

The primary purpose of the Hatkit Proxy is to create a minimal, lightweight proxy which stores traffic into an offline storage where further analysis can be performed, i.e. all kinds of analysis which is currently implemented by the proxies themselves (WebScarab/Burp/Paros etc). Also, since the http traffic is stored in a MongoDB, the traffic is […]

Continue Reading


07 October 2010 | 15,819 views

OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who a new to penetration testing. ZAP provides automated scanners […]

Continue Reading


16 March 2010 | 7,147 views

OWASP CodeCrawler – Static Code Review Tool

CodeCrawler is a tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. It’s a Microsoft .NET 3.5 Windows Form application which supports the OWASP Code Review Project. It provides automatic STRIDE classification a very simple DREAD calculator and few minor […]

Continue Reading


Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·

Advertisements