It’s been a while since the last time we wrote about the OWASP ZAP – Zed Attack Proxy for Web Application Penetration Testing, back in October 2010. ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range […]
It’s been a while since we last mentioned Skipfish, it was back in March 2010 when they first came out. Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the […]
Tags: google code, google skipfish, google tools, skipfish, web application security scanner, web application security tool, Web Hacking, web reconnaissance tool, web scanning tool, web security scanning tool, web security tools, web-application-hacking, web-application-security, web-hacking-tool, web-security, web-security-tool
Posted in: Hacking Tools, Web Hacking | Add a Comment
CAT is designed to facilitate manual web application penetration testing for more complex, demanding application testing tasks. It removes some of the more repetitive elements of the testing process, allowing the tester to focus on individual applications, thus enabling them to conduct a much more thorough test. Conceptually it is similar to other proxies available […]
Tags: application test tool, application testing, cat, context, context application test tool, fuzzer, fuzzing, local proxy tool, security testing tool, web application security tool, Web Hacking, web proxy tool, web-application-security, web-hacking-tool, web-proxy
Posted in: Hacking Tools, Programming, Web Hacking | Add a Comment
Andiparos is a fork of the famous Paros Proxy. It is an open source web application security assessment tool that gives penetration testers the ability to spider websites, analyze content, intercept and modify requests, etc. The author did ask for the original authors of Paros Proxy to integrate his changes but was rejected, hence the […]
Tags: andiparos, paros, paros fork, paros-proxy, personal proxy, proxies, proxy, smartcard certificates, web application proxy, web application security assessment, web application security tool, web-application-security, web-proxy, web-security-tool
Posted in: Database Hacking, Hacking Tools, Web Hacking | Add a Comment
The safety of the Internet is of paramount importance to Google, and helping web developers build secure, reliable web applications is an important part of the equation. To advance this goal, Google has released projects such as ratproxy, a passive security assessment tool. The latest is they have announced a new tool called skipfish – […]
