Hack Tool Repository

Categories Platforms Tools List Links News

By Name | By Date | By Popularity

By Name | By Date | By Popularity | Platform overview

By Name | By Date | By Popularity | By Rating

By Name | By Date | By Popularity | By Category

By Group | By Name | By Date | By Popularity

By Date | By Popularity

Web applications sorted by name

Web	www.hacktoolrepository.com

< 1, 2, 3, 4, 5, 6

Everything needed to assess a web application, like vulnerability scanners, mirror tools and cgi scanners

websecurify

Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies. Our latest project is a web application security testing tool which automatically identifies vulnerabilities by using advanced scanning and fuzzing technologies.

Site: http://www.websecurify.com/
Hits: 472

WebSlayer

WebSlayer is a tool designed for bruteforcing Web Applications, it can be used for finding not linked resources (directories, servlets, scripts, etc), bruteforce GET and POST parameters, bruteforce Forms parameters (User/Password), Fuzzing, etc. The tools has a payload generator and a easy and powerful results analyzer.It's possible to perform attacks like:Predictable resource locator (File and directories discovery)Login forms brute forceSession brute forceParameters brute forceParameter fuzzin...

Site: http://www.owasp.org/index.php/Category:OWASP
Hits: 1155

Wikto

Wikto is Nikto for Windows - but with a couple of fancy extra features including Fuzzy logic error code checking, a back-end miner, Google assisted directory mining and real time HTTP request/response monitoring. Wikto is coded in C# and requires the .NET framework.

Site: http://www.sensepost.com/labs/tools/pentest/w
Hits: 3833

WSDigger

WSDigger is a free open source tool designed by Foundstone to automate black-box web services security testing (also known as penetration testing). WSDigger is more than a tool, it is a web services testing framework. Version one of this framework contains sample attack plug-ins for SQL injection, cross site scripting and XPATH injection attacks. A web service vulnerable to XPATH injection is provided as an example with the tool. By releasing the framework as an open-source tool, users are encou...

Site: http://www.foundstone.com/us/resources/prodde
Hits: 428

XSSploit

XSSploit is a multi-platform Cross-Site Scripting scanner and exploiter written in Python. It has been developed to help discovery and exploitation of XSS vulnerabilities in penetration testing missions.When used against a website, XSSploit first crawls the whole website and identifies encountered forms. It then analyses these forms to automatically detect existing XSS vulnerabilities as well as their main characteristics.The vulnerabilities that have been discovered can then be exploited using ...

Site: http://www.scrt.ch/pages_en/xssploit.html
Hits: 506

< 1, 2, 3, 4, 5, 6