Category:Web Applications
From SecurityForest
- Whisker/Libwhisker
: Rain.Forest.Puppy's CGI vulnerability scanner and library
- Whisker is a scanner which allows you to test HTTP servers for many known security holes, particularly the presence of dangerous CGIs. Libwhisker is a Perl library (used by Whisker) which allows for the creation of custom HTTP scanners.
- http://www.wiretrip.net
- Nikto
: A more comprehensive web scanner
- Nikto is a web server scanner which looks for over 2000 potentially dangerous files/CGIs and problems on over 200 servers. It uses LibWhisker but is generally updated more frequently than Whisker itself.
- http://www.cirt.net
- N-Stealth
: Web Server Scanner
- N-Stealth is a commercial web server security scanner. It is generally updated more frequently than free web scanners such as Whisker and Nikto, but do take their web site with a grain of salt. The claims of "20,000 vulnerabilities and exploits" and "Dozens of vulnerability checks are added every day" are highly questionable. Also note that essentially all general VA tools such as Nessus, ISS, Retina, SAINT, and SARA include web scanning components. They may not all be as up-to-date or flexible though. N-Stealth is Windows-only and no source code is provided.
- http://www.nstalker.com/nstealth
- SPIKE Proxy
: HTTP Hacking / Fuzzing
- Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and directory traversal detection.
- http://www.immunitysec.com/spikeproxy.html
- Achilles
: A Windows web attack proxy
- Achilles is a tool designed for testing the security of web applications. Achilles is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Achilles will intercept an HTTP session's data in either direction and give the user the ability to alter the data before transmission. For example, during a normal HTTP SSL connection a typical proxy will relay the session between the server and the client and allow the two end nodes to negotiate SSL. In contrast, when in intercept mode, Achilles will pretend to be the server and negotiate two SSL sessions, one with the client browser and another with the web server. As data is transmitted between the two nodes, Achilles decrypts the data and gives the user the ability to alter and/or log the data in clear text before transmission.
- http://achilles.mavensecurity.com/
- Odysseus
: Odysseus is a tool designed for testing the security of web applications.
- Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Odysseus will intercept an HTTP session's data in either direction and give the user the ability to alter the data before transmission.
- http://www.wastelands.gen.nz/
- Burp Spider
: Burp spider is a tool for enumerating web-enabled applications
- Burp Spider uses various intelligent techniques to generate a comprehensive inventory of an application's content and functionality. It enables the user to obtain a detailed understanding of how a web application works, avoiding the time-consuming and unreliable task of manually following links, submitting forms and scouring HTML source code. Potentially vulnerable application functions can be quickly identified, allowing the user to check for specific vulnerabilities such as SQL injection and directory traversal.
- http://www.portswigger.net/spider/
- Burp Proxy
: Burp proxy is an interactive HTTP/S proxy server for attacking web-enabled applications.
- Burp Proxy operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw traffic passing in both directions. Burp proxy allows an attacker to find and exploit application vulnerabilities by monitoring and manipulating critical parameters and other data transmitted by the application.
- http://www.portswigger.net/proxy/
- Burp Intruder
: Burp intruder is a tool to facilitate automated attacks against web-enabled applications.
- Burp intruder can be used to automate a wide range of attacks against applications, including testing for common web application vulnerabilities such as SQL injection, cross-site scripting, buffer overflows and directory traversal; brute force attacks against authentication schemes; enumeration; parameter manipulation; trawling for hidden content and functionality; session token sequencing and session hijacking; data mining; concurrency attacks; and application-layer denial-of-service attacks.
- http://www.portswigger.net/intruder/
- Paros
: Paros is an interactive HTTP/S proxy server and security scanner.
- Paros is an HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly with client certificates, proxy chaining, filtering and intelligent vulnerability scanning.
- http://www.parosproxy.org/download.shtml
- Acunetix WVS
: A commercial web vulnerability scanner.
- Acunetix Web Vulnerability Scanner (WVS) tests the security of your Web site by crawling it and launching attacks such as cross site scripting, SQL injection and more. Identify vulnerabilities in shopping carts, forms, secured areas and other web applications.
- http://www.acunetix.com
- AppScan Audit
: A commercial web vulnerability scanner.
- AppScan Audit is an automated application vulnerability assessment software for auditors and compliance officers to conduct accurate and comprehensive internal application audits, and to validate web application quality and compliance with regulatory and organizational security initiatives.
- http://www.sanctuminc.com/
- WebInspect
: A commercial web vulnerability scanner.
- WebInspect Web application security assessment tool ensures the security of your most critical information by identifying known and unknown vulnerabilities within the Web application layer.
- http://www.spidynamics.com/
- nSense WebScan
: A commercial web vulnerability scanner.
- nSense WebScan is the next generation web application vulnerability assessment tool which enables users to commit scans using the web-enabled nSense Karhu user interface.
- http://www.nsense.net/
- Wmap
: A simple, less stupid web scanner.
- When you use a CGI scanner it just searches for the existence of CGIs in common directories. That's the fact, but it should not be that way, because many companies put their CGIs in their own locations. So you are just searching in a default web server path, leaving a huge space untested, with bigger holes that you didn't find.
- http://pwp.007mundo.com/etorres1/wmap.htm
- Goliath
: A web server stress and Denial of Service testing tool
- Goliath is a new and powerful testing tool created by the websecurityauthority.org team in order to test web servers' security, and especially their behavior and performance under Denial of Service attacks.
- Linux: http://www.websecurityauthority.org/dlgoliath.php?type=linux
- Windows: http://www.websecurityauthority.org/dlgoliath.php?type=win
- Document Description: http://www.websecurityauthority.org/goliath.php
- Desperado -
- Elza -
- Whitehat Arsenal -
- Kavado Scan -
- Sanctum Scan -
- wget -
- winhttrack -
