Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Open Source SQL Inject, XSS, Remote File Include Testing
From: "Nikhil Wagholikar" <visitnikhil () gmail com>
Date: Mon, 21 May 2007 13:06:59 +0530

Hello Winsoc,

There are couple of open source tools for Pen-testing purpose, some of
them are mentioned below:

1.   OWASP WebScarab Project --
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

2.   Paros Proxy -- http://www.parosproxy.org/download.shtml

3.   BurpSuite -- http://portswigger.net/suite/

4.   Nikto -- http://www.cirt.net/code/nikto.shtml

5.   Oedipus -- http://oedipus.rubyforge.org/

6.   Priamos -- www.priamos-project.com

7.   Proxmon  -- http://www.isecpartners.com/proxmon.html

8.   WebSleuth -- http://www.xmcopartners.com/

9.   Nessus Security Scanner -- http://www.nessus.org/download/

10. Security Auditor's Research Assistant (SARA) --
http://www-arc.com/products.shtml



Beside these, there are live distros that bundle all Penetration
testing and Auditing tools in it. Some of them are:

1.    BackTrack -- http://www.remote-exploit.org/index.php/BackTrack

2.    Operator -- http://www.ussysadmin.com/operator/

3.    PHLAK -- http://www.phlak.org/modules/mydownloads/

4.    Auditor -- http://www.remote-exploit.org/index.php/Auditor_mirrors


So Enjoy Pen-Testing !!
--
Nikhil Wagholikar
Information Security Analyst

NII Consulting
Web: www.niiconsulting.com


On 5/20/07, jgervacio () seguridad unam mx <jgervacio () seguridad unam mx> wrote:
OWASP WebScarab Project
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
- Java Web Start version
  http://dawes.za.net/rogan/webscarab/WebScarab.jnlp

Parosproxy.org - Web Application Security
- Paros Scanner Function
http://www.parosproxy.org/faq.shtml

g3
Quoting winsoc <winsoc () googlemail com>:

> Can anyone recommend a quick and cheerful Open Source Tool which will test
> websites for SQL Injection, XSS, Remote File Include.
>
>
> Regards
> winsoc
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault