HTTP Proxying/Editing
- Burp
An intercepting proxy server for security testing of web applications. It operates as a man-in-the-middle between your browser and the target application
- Web Proxy Editor
A multithreaded fast proxy checking software. This software is able to support SOCKS4/SOCKS5/HTTP/HTTPS proxies.
- Paros
Through Paros's proxy nature, all HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted and modified.
- WebScarab
A framework for analysing applications that communicate using the HTTP and HTTPS protocols.
Security Scanners
- Nessus
Features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.
- N-Stealth
Provides checks to enhance the overall security of your web server infrastructure, using the most complete web attack signature database available in the market such as cross-site scripting.
- Nikto/Wikto
An Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software.
- HP WebInspect
A web application security assessment software designed to thoroughly analyze today's complex web applications. It delivers fast scanning capabilities, broad assessment coverage and accurate web application scanning results.
Password Crackers
- L0phtCrack
A password auditing and recovery software, packed with powerful features such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding.
- RainbowCrack
Crack hashes with rainbow tables.
Other Security Tools
- SSLDigger
A tool to assess the strength of SSL servers by testing the ciphers supported.
No comments:
Post a Comment
Do provide your constructive comment. I appreciate that.