This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Phoenix/Tools

From OWASP

Revision as of 01:57, 15 January 2007 by Dre (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

LiveCD
Sunday, January 14, 2007 6:54 AM 817811456 AOC_Labrat-ALPHA-0008.iso - http://www.packetfocus.com/hackos/

HTTP proxying / editing

Burp - http://www.portswigger.net/
Paros - http://www.parosproxy.org/
Fiddler - http://www.fiddlertool.com/
Web Proxy Editor
Pantera
Suru
httpedit (curses-based) - http://www.neutralbit.com/en/rd/httpedit/
Charles
Odysseus

RSnake's XSS cheat sheet based-tools and encoding tools

HTMangLe - http://www.fishnetsecurity.com/Tools/HTMangLe/publish.htm
JBroFuzz - http://sourceforge.net/projects/jbrofuzz
[ZIP] XSSFuzz - http://ha.ckers.org/fuzzer/XSSFuzz.zip
WhiteAcid's XSS Assistant - http://www.whiteacid.org/greasemonkey/

HTTP general testing / fingerprinting
Torture.pl Home Page - http://stein.cshl.org/~lstein/torture/
JoeDog's Seige - http://www.joedog.org/JoeDog/Siege/
OPEN-LABS: metoscan (http method testing) - http://www.open-labs.org/
Load-balancing detector - http://ge.mine.nu/lbd.html
Net-Square: httprint - http://net-square.com/httprint/

Browser-based HTTP tampering / editing
TamperIE - http://www.bayden.com/Other/
isr-form - http://www.infobyte.com.ar/development.html
TamperData - http://tamperdata.mozdev.org/
Modify Headers - http://modifyheaders.mozdev.org/

Cookie editing / poisoning
CookieSpy - http://www.codeproject.com/shell/cookiespy.asp
Cookies Explorer - http://www.dutchduck.com/Features/Cookies.aspx

Ajax and XHR scanning
Sprajax - http://www.denimgroup.com/sprajax.html

SQL injection scanning
0x90.org: home of Absinthe, Mezcal, etc - http://0x90.org/releases.php
sqlninja: a SQL Server injection and takover tool - http://sqlninja.sourceforge.net/

Firefox Add-ons (Malware)
FFsniFF - http://azurit.gigahosting.cz/ffsniff/

Web application services that aid in web application security assessment
net.toolkit - http://clez.net/
ServerSniff - http://www.serversniff.net/
Online Microsoft script decoder - http://www.greymagic.com/security/tools/decoder/

Browser-based security fuzzing / checking
Zalewski's MangleMe - http://lcamtuf.coredump.cx/mangleme/mangle.cgi
hdm's tools: Hamachi, CSSDIE, DOM-Hanoi, AxMan - http://metasploit.com/users/hdm/tools/
bcheck - http://bcheck.scanit.be/bcheck/
Stop-Phishing: Projects page - http://www.indiana.edu/~phishing/?projects

PHP file inclusion scanning
Unl0ck Research Team: tool for searching in google for include bugs - http://unl0ck.net/tools.php

Retrieved from "https://wiki.owasp.org/index.php?title=Phoenix/Tools&oldid=15346"