This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:Penetration Testing Tools"
From OWASP
D0ubl3 h3lix (talk | contribs) (→Information Gathering Tools) |
|||
| Line 111: | Line 111: | ||
{{:Template:OWASP Tool Headings}} | {{:Template:OWASP Tool Headings}} | ||
| − | + | {{OWASP Tool Info | tool_name = [http://w3af.sourceforge.net/ w3af] | |
| − | |||
| − | |||
| − | {{ | ||
| − | | tool_name = [http://w3af.sourceforge.net/ w3af] | ||
| tool_owner = Andres Riancho and w3af team | | tool_owner = Andres Riancho and w3af team | ||
| tool_licence = GPLv2 | | tool_licence = GPLv2 | ||
| tool_platforms = Windows, Linux | | tool_platforms = Windows, Linux | ||
| + | }} | ||
| + | {{OWASP Tool Info | tool_name = [http://www.zerodayscan.com/ ZeroDayScan] | ||
| + | | tool_owner = | ||
| + | | tool_licence = Free | ||
| + | | tool_platforms = Online, Cloud | ||
}} | }} | ||
Revision as of 22:34, 22 March 2010
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
- 1 Penetration Testing Tools
- 1.1 Information Gathering Tools
- 1.2 Configuration Management Testing Tools
- 1.3 Authentication Testing Tools
- 1.4 Session Management Testing Tools
- 1.5 Authorization Testing Tools
- 1.6 Data Validation Testing Tools
- 1.7 Denial of Service Testing Tools
- 1.8 Web Services Testing Tools
- 1.9 Ajax Testing Tools
- 1.10 HTTP Traffic Monitoring
- 1.11 Encoders / Decoders
- 1.12 Web Testing Frameworks
Penetration Testing Tools
Information Gathering Tools
- Fingerprinting
| Name | Owner | Licence | Platforms |
| httprint | NetSquare Inc | no cost for personal, educational and non-commercial use. | Win, Lin, Mac, FreeBSD |
| httprecon | Marc Ruef | GPL | Windows |
| Netcraft | Netcraft Inc | N/A | WebBased |
| WebRecon | Aung Khant | GPL | WebBased |
Configuration Management Testing Tools
- SSL Testing
| Name | Owner | Licence | Platforms |
| OpenSSL | |||
| SSL Digger |
- DB Listener Testing
| Name | Owner | Licence | Platforms |
| TNS Listener | |||
| Toad |
Authentication Testing Tools
- Password Brute Force Testing
| Name | Owner | Licence | Platforms |
| Burp Intruder | |||
| Brutus | |||
| John the Ripper | |||
| Ophcrack | |||
| THC Hydra |
Session Management Testing Tools
| Name | Owner | Licence | Platforms |
| CookieDigger |
Authorization Testing Tools
Data Validation Testing Tools
- Fuzzers
- SQL Injection Testing
- XSS Testing
- Buffer Overflow Testing
Denial of Service Testing Tools
Web Services Testing Tools
Ajax Testing Tools
HTTP Traffic Monitoring
- Web Proxies
| Name | Owner | Licence | Platforms |
| Burp Suite | |||
| Paros Proxy | |||
| Webscarab | |||
| TamperIE | |||
| Tamper Data | |||
| SPIKE Proxy | |||
| Suru Web Proxy | |||
| Charles | |||
| Odysseus | |||
| JS Commander | |||
| ratproxy |
- Sniffers
Encoders / Decoders
- CAPTCHA Decoders
| Name | Owner | Licence | Platforms |
| PWNtcha | |||
| The Captcha Breaker |
Web Testing Frameworks
| Name | Owner | Licence | Platforms |
| w3af | Andres Riancho and w3af team | GPLv2 | Windows, Linux |
| ZeroDayScan | Free | Online, Cloud |
This category currently contains no pages or media.
