Unix

OpenBSD, FreeBSD, Solaris, and/or other Unix variants

DigDug

This little program is for auditing DNS. It brute-forces a domain by asking for hostnames taken from a predefined list of the most common names used for hosts. It also supports hybrid queries to find a broader range of hosts.

Veracode

Current forces are putting pressure on organizations to secure their applications fast. The Veracode product suite facilitates that for you and we make implementation a breeze with our private cloud delivery platform. There's no hardware to buy; no software to install; no disruption to current systems; no intensive developer training; and you can be up and running in minutes.

SqlCake

SqlCake is an automatic SQL injection and database information gathering tool.

Hackbar

Hackbar is another Firefox add-on that acts as a simple security audit / penetration test tool.

TamperData

Tamper Data is a Firefox add-on that is used to view and modify HTTP/HTTPS headers and POST parameters.

Hackademic

The OWASP Hackademic Challenges are an open source project that can be used to test and improve one's knowledge of web application security.

The OWASP Hackademic Challenges project implements realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.

HTTP Post Tool

A tool for performing web application security assessments around availability concerns. A web denial-of-service attack tool.

Mantra

Mantra is a collection of free and open source tools integrated into a web browser, which can come in handy for students, penetration testers, web application developers, security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.

JBroFuzz

JBroFuzz is a web application fuzzer for requests being made over HTTP or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

ProxMon

ProxMon is an extensible Python-based framework that reduces testing effort, improves consistency and reduces errors. Its use requires limited additional effort as it processes the proxy logs that you’re already generating and reports discovered issues. In addition to penetration testing, ProxMon is useful in QA, developer testing and regression testing scenarios.
