Search Results for "web security"

Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows.

This web application scanner is a powerful tool designed to identify potential security vulnerabilities in websites with full GUI (no need to cli). It currently performs checks for: SQL Injection (SQLi): Detects vulnerabilities that could allow attackers to inject malicious SQL code and manipulate the database. XSS Cross-site-scripting: Detect vulnerability that allow attackers to inject client-side scripts into web pages Cross-Site Request Forgery (CSRF): Helps discover vulnerabilities that could allow attackers to trick users into performing unintended actions on a website. ...

Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language.

github: https://github.com/samedog/phpmvs

PAVS scans the PHP based web application source code and identifies the potential security problems in that application. PAVS also identifies the loop holes in PHP configuration file settings. Attacks addressed by PAVS are Cross-site Scripting SQL Injection File Manipulation File Inclusion Command Execution Code Evaluation

OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS...

O Uniscan é um scanner de vulnerabilidade para aplicações Web, escrito em Perl para o ambiente Linux. Ele foi desenvolvido como trabalho de conclusão do curso de ciência da computação da Universidade Federal do Pampa e está licenciado sob a GNU General Public License 3.0 (GPL 3) .

BlackBSD Is a NetBSD based LiveCD, with security tools on it, and fluxbox as a window manager. Beta Version 1.0 coming on soon. Packages on it. Nmap - port scanner http://nmap.org/ Nessus - Vulnerability detector http://www.tenable.com/products/nessus Air-Crack - Wireless Cracker http://www.aircrack-ng.org/ Ettercap - port sniffer http://ettercap.github.com/ettercap/ Iptraf - Network Monitor http://iptraf.seul.org/ Medusa - Login brute-forcer http://www.foofus.net/~jmk/medusa/medusa.html Snort - Intrucion Detection http://www.snort.org/ W3af - Web Application Attack http://w3af.org/ NetCat - networking utility http://netcat.sourceforge.net/ THC-Hydra - network logon cracker http://thc.org/thc-hydra/ Wapiti - Web application vulnerability scanner http://wapiti.sourceforge.net/ Rapid7 - http://www.rapid7.com/

Safe3WVS is one of the most powerful web vulnerability scanner with AI on-the-fly web spider crawling technology,especially web portals ,it is the most fast tool to dig such as sql injection, upload vulnerability, and more.http://www.safe3.com.cn/en

A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres. Further, it can crawl a website as a vulnerability scanner looking for sql injection vulnerabilities.

Reaver is a network vulnerability scanner built on top of Nessus with an easy to use "web front-end" and reporting system. Reaver will aid administrators in identifying, cataloguing and remediation of security vulnerability...DEV -missing web interface

Gamja will find XSS(Cross site scripting) & SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability[ XSS , Validation Error , SQL Injection].

Free and easy to use vulnerability scanner for web server administrators.

Cake Fuzzer is an open-source project meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently, it is implemented to support the Cake PHP framework. Cake Fuzzer is based on the concept of Interactive Application Security Testing (IAST). The goals of the project are: - create an automated process of discovering vulnerabilities in applications based on the CakePHP Framework; - no application knowledge requirement or pre-configuration of the web application; - result with minimal or close to 0 amount of false positives; - require minimal security knowledge to run the scanner.

SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.