Category Application Scanner

SQLNinja v0.2.5 released!

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.

Read More

WhatWeb just updated to v0.4.2

WhatWeb is a next generation web scanner that identifies what websites are running. Flexible plugin architecture with over 80 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver

Read More

WhatWeb v0.4.1 - released

Identifying content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. Licensed under GPLv3.

Read More

NSIA (Network System Integrity Analysis) v0.8.99 released

The ThreatFactor NSIA is a website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. ThreatFactor detects issues remotely and therefore requires no software to install, does not introduce any latency and will not interrupt business operations.

Read More

Acunetix WVS v6.5 build 20100419 released

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.

Read More

Skipfish v1.33b released

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.

Read More

Sandcat v4.0 released

Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.

Read More

Burp Suite Pro v1.3.02 released

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

Read More

Acunetix WVS v6.5 build 20100407 released

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.

Read More

Netsparker® Free Community Edition released

Netsparker Community Edition is False Positive Free and can detect both SQL Injection and Cross-site Scripting issues better than many other scanners.
Netsparker Community Edition also detects many other vulnerabilities such as finding and reporting backup files, source code disclosures, Crossdomain.xml issues, SVN/CVS disclosures, internal path disclosures, error messages and many more.

Read More

(update) Skipfish Active web application scanner v1.29b released

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.

Read More

CMS Explorer v1.0 released - Discover the CMS components behind the site -

CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running.

Read More

W3AF v1.0-rc3 released

w3af, is a Web Application Attack and Audit Framework. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much

Read More

DBAPPSecurity web application scanner MatriXay 3.6 was released

Read More

Seccubus v1.4.1 released

Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting.

Read More

ZeroDayScanner SaaS Free Security Scan Service

ZeroDayScan is a free security web scanning service brought to you by experienced security experts. The service is provided free of charge.

Read More

Burp Suite v1.3.01 released

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

Read More

Focus on scRUBYt! v0.4.11 the powerful web scraping tool

scRUBYt! is a simple but powerful web scraping toolkit written in Ruby. It’s purpose is to free you from the drudgery of web page crawling, looking up HTML tags, attributes, XPaths, form names and other typical low-level web scraping stuff by figuring these out from your examples copy’n’pasted from the Web page or straight from Firebug.

Read More

SQLFury SQL Injection for Adobe Air runtime v1.1.6 availabe

SQLFury is an injection scanner that uses blind SQL injection techniques to extract information from a target database. It targets Air Abobe AIR Runtime

Read More

Burp Intruder Botox announces many improvements

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

Read More
1 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10