| Achilles proxy  |
Achilles is an intercepting HTTP/HTTPS proxy that can be used for hacking/pentesting web-applications. This tool is for Windows-platform and is simple and usable.
|
915 |
|
| Application Security Blog |
|
185 |
|
| httprint |
HTTPrint is a tool that does identification of web servers despite the banner string and any other obfuscation. httprint can successfully identify the underlying web servers when their headers are mangled by either patching the binary, by modules suc |
558 |
|
| httpush |
HTTPush aims at providing an easy way to audit HTTP and HTTPS application/server security. It supports on-the-fly request modification, automated decision making and vulnerability detection through the use of plugins and full reporting capabilities.
|
746 |
|
| httrack |
It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer.
|
777 |
|
| Lilith |
It works as an ordinary webspider and analyses any grabbed webpages. It dissects forms and if requested, inject special characters that have a special meaning to any underlying platform.
|
576 |
|
| mieliekoek |
Mieliekoek.pl is a SQL insertion crawler which tests all forms on a web site for possible SQL insertion problems. This script takes the output of a web mirroring tools as input, inspecting every file and determine if there is a form in the file.
|
606 |
|
| Nikto |
Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 2000 potentially dangerous files/CGIs, versions on over 130 servers, and problems on over 200 servers. This software uses RFP's Li |
525 |
|
| Spike |
SPIKE Proxy is a similar tool to Achilles and can intercept traffic and let you edit it. You can also get a fuzzer that is trying to attack parameters and make the server in the other end to react in unwanted ways.
|
895 |
|
| Stunnel |
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having |
470 |
|
| web audit library (WAL) |
It is a python module that provides a powerful and easy API for writing web applications assessment tools, similar to what Libwhisker does for Perl. Wal provides for example send/receive/analyze HTTP 0.9/1.0/1.1, decoders/encoders and more.
|
532 |
