A free SaaS mode for analyzing security issues and vulnerabilities on web.config settings. A very interesting project to follow.
Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.
NetworkScanViewer is a GUI application designed to help view the results of nessus (v4) and nmap (v5) scan results. It combines the functionality of both NessusViewer and NmapViewer.
Pinata is a Python Script that will generate Proof of Concept CSRF HTML from HTTP request.
Hackbloc is proud to announce the newest release of our zine, HackThisZine. You can grab copies pre-formatted for online reading and printing at https://hackbloc.org/zine. This issue provides extensive coverage of Wikileaks, Cablegate, Operation Payback, and much much more.
Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
To secure a website or a web application, one has to first understand the target application, how it works and the scope behind it. Ideally, the penetration tester should have some basic knowledge of programming and scripting languages, and also web security.