Penetration Testing mailing list archives
Re: Open Source SQL Inject, XSS, Remote File Include Testing
From: "Nikhil Wagholikar" <visitnikhil () gmail com>
Date: Mon, 21 May 2007 13:06:59 +0530
Hello Winsoc, There are couple of open source tools for Pen-testing purpose, some of them are mentioned below: 1. OWASP WebScarab Project -- http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project 2. Paros Proxy -- http://www.parosproxy.org/download.shtml 3. BurpSuite -- http://portswigger.net/suite/ 4. Nikto -- http://www.cirt.net/code/nikto.shtml 5. Oedipus -- http://oedipus.rubyforge.org/ 6. Priamos -- www.priamos-project.com 7. Proxmon -- http://www.isecpartners.com/proxmon.html 8. WebSleuth -- http://www.xmcopartners.com/ 9. Nessus Security Scanner -- http://www.nessus.org/download/ 10. Security Auditor's Research Assistant (SARA) -- http://www-arc.com/products.shtml Beside these, there are live distros that bundle all Penetration testing and Auditing tools in it. Some of them are: 1. BackTrack -- http://www.remote-exploit.org/index.php/BackTrack 2. Operator -- http://www.ussysadmin.com/operator/ 3. PHLAK -- http://www.phlak.org/modules/mydownloads/ 4. Auditor -- http://www.remote-exploit.org/index.php/Auditor_mirrors So Enjoy Pen-Testing !! -- Nikhil Wagholikar Information Security Analyst NII Consulting Web: www.niiconsulting.com On 5/20/07, jgervacio () seguridad unam mx <jgervacio () seguridad unam mx> wrote:
OWASP WebScarab Project http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project - Java Web Start version http://dawes.za.net/rogan/webscarab/WebScarab.jnlp Parosproxy.org - Web Application Security - Paros Scanner Function http://www.parosproxy.org/faq.shtml g3 Quoting winsoc <winsoc () googlemail com>: > Can anyone recommend a quick and cheerful Open Source Tool which will test > websites for SQL Injection, XSS, Remote File Include. > > > Regards > winsoc > > > ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > > Are you using SPI, Watchfire or WhiteHat? > Consider getting clear vision with Cenzic > See HOW Now with our 20/20 program! > > http://www.cenzic.com/c/2020 > ------------------------------------------------------------------------ > ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Open Source SQL Inject, XSS, Remote File Include Testing winsoc (May 19)
- Re: Open Source SQL Inject, XSS, Remote File Include Testing jgervacio (May 20)
- Re: Open Source SQL Inject, XSS, Remote File Include Testing Nikhil Wagholikar (May 21)
- Re: Open Source SQL Inject, XSS, Remote File Include Testing Rodrigo Montoro (Sp0oKeR) (May 21)
- Re: Open Source SQL Inject, XSS, Remote File Include Testing Marco Ivaldi (May 21)
- Re: Open Source SQL Inject, XSS, Remote File Include Testing Marco Ivaldi (May 24)
- Re: Open Source SQL Inject, XSS, Remote File Include Testing jgervacio (May 20)