Views: 9,839 w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL […]
web-auditing
DotDotPwn v1.0 – Directory Traversal Checker/Scanning Tool
Views: 12,100 A simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has 871 traversal payloads. This tool was tested against various Kolibri+ WebServer v2.0 and Gefest WebServer v1.0 (HTTP servers) giving good results identifying the right vulnerability strings. Those HTTP servers were vulnerable, and somebody reported those […]
Pantera – Web Application Analysis Engine
Views: 5,776 [ad] Pantera is actually using an improved version of SPIKE Proxy and is a project under the umbrella of OWASP. It’s aiming to be a more automated method for testing Web Application Security. Features User-friendly custom web GUI. (CSS): Pantera itself is a web application that runs inside the browser and can be […]
SecurityCompass Exploit-Me – Firefox Web Application Testing Tools
Views: 15,332 [ad] Exploit-Me is a suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using a proxy like many web application testing tools, Exploit-Me integrates directly with Firefox. It currently consists of two tools, one for XSS and one for SQL Injection. […]
w3af Fifth BETA for Download – Automated Web Auditing and Exploitation Framework
Views: 9,694 [ad] As you all seem to pretty interested in Inguma, there’s something else similar called w3af – the fifth BETA was released a while back and the team are now working on the sixth. w3af is a Web application attack and Audit Framework. The project goal is to create a framework to find […]