https | Penetration Testing Tools

EyeWitness

October 6, 2017Information Gatheringhttp, https, infogathering, recon, reporting, webapps

EyeWitness is designed to take screenshots of websites, RDP services, and open VNC servers, provide some server header info, and identify default credentials if possible.

RouterSploit

May 2, 2017Exploitation Toolsexploitation, http, https, passwords

routersploit Package Description The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits – modules that take advantage of identified vulnerabilities creds – modules designed to test credentials against network services scanners – modules that check if a target is vulnerable to…

SPARTA

March 28, 2017Information Gatheringdns, enumeration, gui, http, https, infogathering, mysql, passwords, portscanning, recon, smb, snmp

sparta Package Description SPARTA is a python GUI application that simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to their toolkit and by displaying all tool output in a convenient way. If less time is spent…

Gobuster

February 6, 2017Web Applicationsenumeration, http, https, infogathering, webapps

Gobuster is a web content scanner that looks for existing (and/or hidden) web objects. It basically works by launching a dictionary based attack against a web server and analyzing the response.

DIRB

February 18, 2014Web Applicationsenumeration, http, https, infogathering, webapps

DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analizing the response.

DirBuster

February 18, 2014Web Applicationsenumeration, gui, http, https, infogathering, webapps

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

fimap

February 18, 2014Web Applicationsexploitation, http, https, vulnanalysis, webapps

fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection.

Grabber

February 18, 2014Web Applicationshttp, https, vulnanalysis, webapps

Grabber is a web application scanner. Basically it detects some kind of vulnerabilities in your website. Grabber is simple, not fast but portable and really adaptable.

joomscan

February 18, 2014Web Applicationshttp, https, vulnanalysis, webapps

Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few. So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity.

jSQL

February 18, 2014Vulnerability Analysis, Web Applicationsgui, http, https, vulnanalysis, webapps

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).

Tag: https

EyeWitness

RouterSploit

SPARTA

Gobuster

DIRB

DirBuster

fimap

Grabber

joomscan

jSQL

Tools Categories

Recent Additions

Tag: https

Tools Categories

Recent Additions

Tag Cloud