I would like to talk about arachni, an open-source framework among many Web Vulnerability Scanners (WVS). I tested it briefly, and it seems to be usable. Also, you should learn how to secure coding...
Vega is a free web vulnerability diagnostic scanner developed by SUBGRAPH. The UI is also one of my favorite scanners because of its superior performance compared to other WVS that is clean and non-commercial....
WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However,...
Pyfiscan is free web-application vulnerability and version scanner and can be used to locate out-dated versions of common web-applications in Linux-servers. Example use case is hosting-providers keeping eye on their users’ installations to keep...
hsecscan A security scanner for HTTP response headers. Installation Requirement: Python 2.x Usage Example Copyright (C) 2015 riramar Source: https://github.com/riramar/
WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by...
BruteXSS is a tool written in python simply to find XSS vulnerabilities in the web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI...
A file upload point is an excellent opportunity to execute XSS applications. Many sites have user rights to upload personal data pictures of the upload point, you have a lot of opportunities to find...
WATABO is a security tool for testing web applications. It is intended to enable security professionals to perform efficient (semi-automated) web application security audits. Most important features: WATOBO has Session Management capabilities! You can...
What is a local file inclusion (LFI) vulnerability? LFI allows an attacker to include a file on a server through a browser. When a Web application does not properly filter the input data, there...
