< Prev 1 2 3 4 5 6 7 Next >
Category: Auditing » Network » Web
Grendel-Scan is an open source web application security tool. It has a number of automated testing modules for finding common vulnerabilities such as SQL injection, cross-site scripting, or session fixation. There are also a number of features to aid in manual application penetration testing, such as a intercepting proxy.
Exploit-Me is a set of Firefox plugins to test for reflected Cross-Site Scripting and SQL Injection vulnerabilities in web applications. The tools are designed to be lightweight, extensible and easy to use.
XSS Scanner that can find hosts using a google query or search one site. If XSS is found it attempts to collect email addresses to further your attack or warn the target of the flaw. When the scan is complete it will print out the XSS's found and or write to file, it will find false positives so manually check before getting to excited. It also has verbose mode and you can change the alert pop-up message, check options!!
N-Stalker Web Application Security Scanner 2006
N-Stalker Free Edition allows for quick security assessment of Web Applications under the perspective of Infrastructure and Deployment phases. It scans for more than 18,000 vulnerabilities, crawl your web application, discover hidden directories/files and look for backup files.
Collapse Web Application Scanner
Collapse, a free tool from Syhunt, allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Collapse scanner requires basic inputs such as host names and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. This new version includes an improved GUI, new web application security checks and many other additional enhancements.
halberd discovers HTTP load balancers. It is useful for testing load balancer configurations and for web application auditing purposes.
Chorizo! is a web app security scanner especially for PHP based applications. It's an application service (all data encrypted on the server, no one can see the results except the users) that is able to detect SQL injections, AJAX bugs, code inclusions/executions, session fixations, PHP vulnerabilities and so on. It will also be available as an appliance version for testing non-public websites.
Collapse Web Application Scanner
Collapse, a free tool from Syhunt, allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Collapse scanner requires basic inputs such as host names and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. 1100 new vulnerabilities were added in the last months of 2006
Belkasoft Forensic IM Extractor
This tool for e-crime/forensic professionals eases their work on analysing Internet Messengers histories. No password required. Supports various IMs: ICQ versions 99a up to ICQ5, MSN Messenger, Yahoo! Messenger, &RQ, Miranda. Supports deep ICQ analysis using different methods (with and without usage of index file) that allows user to extract even deleted and overwritten messages. The latter ability is indispensable for e-crime professionals. A number of different options available like filtering messages by time, sent/received type, user; ability to convert history to ICQ5 format; multibyte codepages are supported. More info at http://belkasoft.com.
JAAScois Anti-WebInjection will scan all website for analysis any Injection exploits - SQL Injection Exploits - Remote File Inclusion Exploits - Cross-Site Scripting - XSS Exploits - Error Pages 404 , 500 etc ... - Password & Upload Pages By JAAScois (C) 2006
Browse by category