Difference between revisions of "Category:Penetration Testing Tools"

From OWASP
Jump to: navigation, search
(7 intermediate revisions by 3 users not shown)
Line 9: Line 9:
  
 
{{:Template:OWASP Tool Headings}}
 
{{:Template:OWASP Tool Headings}}
{{OWASP Tool Info || tool_name = [http://net-square.com/httprint/index.shtml httprint]}}
+
{{OWASP Tool Info | tool_name = [http://net-square.com/httprint/index.shtml httprint]
{{OWASP Tool Info || tool_name = [http://www.computec.ch/projekte/httprecon/ httprecon]}}
+
| tool_owner = NetSquare Inc
{{OWASP Tool Info || tool_name = [http://www.netcraft.com Netcraft]}}
+
| tool_licence = no cost for personal, educational and non-commercial use.
 +
| tool_platforms = Win, Lin, Mac, FreeBSD
 +
}}
 +
{{OWASP Tool Info | tool_name = [http://www.computec.ch/projekte/httprecon/ httprecon]
 +
| tool_owner = Marc Ruef
 +
| tool_licence = GPL
 +
| tool_platforms = Windows
 +
}}
 +
{{OWASP Tool Info | tool_name = [http://www.netcraft.com Netcraft]| tool_owner = Netcraft Inc
 +
| tool_licence = N/A | tool_platforms = WebBased
 +
}}
 +
{{OWASP Tool Info | tool_name = [http://yehg.net/q WebRecon]| tool_owner = Aung Khant
 +
| tool_licence =GPL | tool_platforms = WebBased
 +
}}
 
|}
 
|}
 
  
 
=== Configuration Management Testing Tools ===
 
=== Configuration Management Testing Tools ===
Line 37: Line 49:
 
{{OWASP Tool Info || tool_name = [http://portswigger.net/intruder/ Burp Intruder]}}
 
{{OWASP Tool Info || tool_name = [http://portswigger.net/intruder/ Burp Intruder]}}
 
{{OWASP Tool Info || tool_name = [http://www.hoobie.net/brutus/ Brutus]}}
 
{{OWASP Tool Info || tool_name = [http://www.hoobie.net/brutus/ Brutus]}}
 +
{{OWASP Tool Info || tool_name = [http://www.oxid.it/cain.html Cain & Abel] | tool_owner = oxid
 +
| tool_licence = Freeware | tool_platforms = Windows}}
 
{{OWASP Tool Info || tool_name = [http://www.openwall.com/john/ John the Ripper]}}
 
{{OWASP Tool Info || tool_name = [http://www.openwall.com/john/ John the Ripper]}}
 
{{OWASP Tool Info || tool_name = [http://ophcrack.sourceforge.net/ Ophcrack]}}
 
{{OWASP Tool Info || tool_name = [http://ophcrack.sourceforge.net/ Ophcrack]}}
Line 58: Line 72:
 
*'''XSS Testing'''
 
*'''XSS Testing'''
 
*'''Buffer Overflow Testing'''
 
*'''Buffer Overflow Testing'''
 +
{{:Template:OWASP Tool Headings}}
 +
{{OWASP Tool Info | tool_name = [http://code.google.com/p/skipfish/ Skipfish]
 +
| tool_owner = N/A
 +
| tool_licence = Apache
 +
| tool_platforms = Linux
 +
}}
 +
{{OWASP Tool Info || tool_name = [http://w3af.sourceforge.net/ w3af] | tool_owner = NA
 +
| tool_licence = GPL v2 | tool_platforms = Python required (cross platform)
 +
}}
 +
|}
  
  
Line 99: Line 123:
  
 
{{:Template:OWASP Tool Headings}}
 
{{:Template:OWASP Tool Headings}}
{{OWASP Tool Info || tool_name = [http://w3af.sourceforge.net/ w3af]}}
+
{{OWASP Tool Info | tool_name = [http://w3af.sourceforge.net/ w3af]
 +
| tool_owner = Andres Riancho and w3af team
 +
| tool_licence = GPLv2
 +
| tool_platforms = Windows, Linux
 +
}}
 +
{{OWASP Tool Info | tool_name = [http://www.websecurify.com Websecurify]
 +
| tool_owner = GNUCITIZEN / Websecurify
 +
| tool_licence = GPLv2
 +
| tool_platforms = Windows, Mac OS, Linux
 +
}}
 +
{{OWASP Tool Info | tool_name = [http://www.zerodayscan.com/ ZeroDayScan]
 +
| tool_owner =
 +
| tool_licence = Free
 +
| tool_platforms = Online, Cloud
 +
}}

Revision as of 22:13, 2 May 2011

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.

Contents

Penetration Testing Tools

Information Gathering Tools

  • Fingerprinting
Name Owner Licence Platforms
httprint NetSquare Inc no cost for personal, educational and non-commercial use. Win, Lin, Mac, FreeBSD


httprecon Marc Ruef GPL Windows


Netcraft Netcraft Inc N/A WebBased


WebRecon Aung Khant GPL WebBased

Configuration Management Testing Tools

  • SSL Testing
Name Owner Licence Platforms
OpenSSL


SSL Digger
  • DB Listener Testing
Name Owner Licence Platforms
TNS Listener


Toad


Authentication Testing Tools

  • Password Brute Force Testing
Name Owner Licence Platforms
Burp Intruder


Brutus


Cain & Abel oxid Freeware Windows


John the Ripper


Ophcrack


THC Hydra


Session Management Testing Tools

Name Owner Licence Platforms
CookieDigger


Authorization Testing Tools

Data Validation Testing Tools

  • Fuzzers
  • SQL Injection Testing
  • XSS Testing
  • Buffer Overflow Testing
Name Owner Licence Platforms
Skipfish N/A Apache Linux


w3af NA GPL v2 Python required (cross platform)


Denial of Service Testing Tools

Web Services Testing Tools

Ajax Testing Tools

HTTP Traffic Monitoring

  • Web Proxies
Name Owner Licence Platforms
Burp Suite


Paros Proxy


Webscarab


TamperIE


Tamper Data


SPIKE Proxy


Suru Web Proxy


Charles


Odysseus


JS Commander


ratproxy
  • Sniffers

Encoders / Decoders

  • CAPTCHA Decoders
Name Owner Licence Platforms
PWNtcha


The Captcha Breaker

Web Testing Frameworks

Name Owner Licence Platforms
w3af Andres Riancho and w3af team GPLv2 Windows, Linux


Websecurify GNUCITIZEN / Websecurify GPLv2 Windows, Mac OS, Linux


ZeroDayScan Free Online, Cloud

This category currently contains no pages or media.