webapp

2022-12-07
Tools From Breachforums

  1. Invicti

Invicti is a web application security scanner hacking tool to find SQL Injection, XSS, and vulnerabilities in web applications or services automatically.

  1. Fortify WebInspect

It is used to identify security vulnerabilities by allowing it to test the dynamic behavior of running web applications.

  1. Cain & Abel

It is used to recover the MS Access passwords

  1. Nmap (Network Mapper)

Used in port scanning, one of the phases in ethical hacking, is the finest hacking software ever.

  1. Nessus

Nessus is the world’s most well-known vulnerability scanner, which was designed by tenable network security. It is free and is chiefly recommended for non-enterprise usage.

  1. Nikto

Checks web servers and identifies over 6400 CGIs or files that are potentially dangerous

  1. Kismet

Kismet is basically a sniffer and wireless-network detector that works with other wireless cards and supports raw-monitoring mode.

  1. NetStumbler

Identifying AP (Access Point) network configuration

  1. Acunetix

Integration of scanner results into other platforms and tools

  1. Netsparker

Uniquely verifies identified vulnerabilities, showing that they are genuine, not false positives

  1. Intruder

Integrates with Slack, Jira, and major cloud providers

  1. Nmap

Contains a data transfer, redirection, and debugging tool

  1. Metasploit

Ideal for finding security vulnerabilities

  1. Aircrack-Ng

It can crack WEP keys and WPA2-PSK, and check Wi-Fi cards

  1. Wireshark

Allows coloring rules to packet lists to facilitate analysis

  1. OpenVAS

OpenVAS has the capabilities of various high and low-level Internet and industrial protocols, backed up by a robust internal programming language.

  1. SQLMap

Supports executing arbitrary commands

  1. Ettercap

Live connections sniffer

  1. Maltego

Performs real-time information gathering and data mining

  1. Burp Suite

Uses out-of-band techniques

  1. John the Ripper

Tests different encrypted passwords

  1. Angry IP Scanner

This is a free tool for scanning IP addresses and ports

  1. SolarWinds Security Event Manage

Recognized as one of the best SIEM tools, helping you easily manage memory stick storage

  1. Traceroute NG

Detects paths changes and alerts you about them

  1. LiveAction

Its packet intelligence provides deep analyses

  1. QualysGuard

Responds to real-time threats

  1. WebInspect

Tests dynamic behavior of web applications for the purpose of spotting security vulnerabilities

  1. Hashcat

Supports distributed cracking networks

  1. L0phtCrack

Fixes weak passwords issues by forcing a password reset or locking out accounts

  1. Rainbow Crack

  2. IKECrack

IKECrack is an authentication cracking tool with the bonus of being open source.

  1. Sboxr

Checks for over two dozen types of web vulnerabilities

  1. Medusa

One of the best tools for thread-based parallel testing and brute-force testing

  1. Cain and Abel

uncovers password fields, sniffs networks, recovers MS Access passwords, and cracks encrypted passwords using brute-force, dictionary, and cryptanalysis attacks.

  1. Zenmap

Administrators can track new hosts or services that appear on their networks and track existing downed services

Read More

2022-07-11
Self Hosted Web Applications

common web applications could be big, like search engines. this is a list of open-sourced self hosted services:

https://github.com/awesome-selfhosted/awesome-selfhosted

Read More