w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross […]
web-auditing
DotDotPwn v1.0 – Directory Traversal Checker/Scanning Tool
A simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has 871 traversal payloads. This tool was tested against various Kolibri+ WebServer v2.0 and Gefest WebServer v1.0 (HTTP servers) giving good results identifying the right vulnerability strings. Those HTTP servers were vulnerable, and somebody reported those vulns on […]
Pantera – Web Application Analysis Engine
[ad] Pantera is actually using an improved version of SPIKE Proxy and is a project under the umbrella of OWASP. It’s aiming to be a more automated method for testing Web Application Security. Features User-friendly custom web GUI. (CSS): Pantera itself is a web application that runs inside the browser and can be customized using […]
SecurityCompass Exploit-Me – Firefox Web Application Testing Tools
[ad] Exploit-Me is a suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using a proxy like many web application testing tools, Exploit-Me integrates directly with Firefox. It currently consists of two tools, one for XSS and one for SQL Injection. The Exploit-Me […]
w3af Fifth BETA for Download – Automated Web Auditing and Exploitation Framework
[ad] As you all seem to pretty interested in Inguma, there’s something else similar called w3af – the fifth BETA was released a while back and the team are now working on the sixth. w3af is a Web application attack and Audit Framework. The project goal is to create a framework to find and exploit […]