Category:Penetration Testing Tools

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.

1 Penetration Testing Tools

Penetration Testing Tools

Information Gathering Tools

Fingerprinting

Name	Owner	Licence	Platforms
httprint	NetSquare Inc	no cost for personal, educational and non-commercial use.	Win, Lin, Mac, FreeBSD
httprecon	Marc Ruef	GPL	Windows
Netcraft	Netcraft Inc	N/A	WebBased

Configuration Management Testing Tools

SSL Testing

Name	Owner	Licence	Platforms
OpenSSL
SSL Digger

DB Listener Testing

Name	Owner	Licence	Platforms
TNS Listener
Toad

Authentication Testing Tools

Password Brute Force Testing

Name	Owner	Licence	Platforms
Burp Intruder
Brutus
John the Ripper
Ophcrack
THC Hydra

Session Management Testing Tools

Name	Owner	Licence	Platforms
CookieDigger

Authorization Testing Tools

Data Validation Testing Tools

Fuzzers
SQL Injection Testing
XSS Testing
Buffer Overflow Testing

Denial of Service Testing Tools

Web Services Testing Tools

Ajax Testing Tools

HTTP Traffic Monitoring

Web Proxies

Name	Owner	Licence	Platforms
Burp Suite
Paros Proxy
Webscarab
TamperIE
Tamper Data
SPIKE Proxy
Suru Web Proxy
Charles
Odysseus
JS Commander
ratproxy

Sniffers

Encoders / Decoders

CAPTCHA Decoders

Name	Owner	Licence	Platforms
PWNtcha
The Captcha Breaker

Web Testing Frameworks

Name	Owner	Licence	Platforms
w3af	Andres Riancho and w3af team	GPLv2	Windows, Linux

This category currently contains no pages or media.

Category:Penetration Testing Tools

Penetration Testing Tools

Information Gathering Tools

Configuration Management Testing Tools

Authentication Testing Tools

Session Management Testing Tools

Authorization Testing Tools

Data Validation Testing Tools

Denial of Service Testing Tools

Web Services Testing Tools

Ajax Testing Tools

HTTP Traffic Monitoring

Encoders / Decoders

Web Testing Frameworks

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools