Penetration Testing: RE: Web Application Penetration Testing Tools

["Christophe, Pascal" <Pascal.Christophe () eads-telecom com>]

you can try websleuth... it's a great one...

you will found it on:
http://www.zone-h.org/en/download/category=70/

-----Message d'origine-----
De : Brian E [mailto:brian_anon () hotmail com]
Envoyé : mercredi 8 octobre 2003 03:25
À : pen-test () securityfocus com
Objet : Web Application Penetration Testing Tools




When performing penetration testing of web applications I have used a
minibrowser from www.aignes.com for a very long time. 

This simple application allows me to browse a web application and easily see
links, form elements, cookies, a log of actual commands being sent back and
forth and more. The ability to manipulate cookies and form elements makes it
very useful. 

Unfortunately, it's support as a web browser is limited so I can't test all
web applications (such as embeded scripts and frames). 

Does anyone know of some other good tools for auditing web applications with
the ability to manipulate form data and cookies before being sent to the
server? 

Preferably, I'm looking for something based on Windows that is browser based
(as opposed to proxy based) but am still open to all platforms and methods.

---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------