Category Framework

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

The PTF (pentestration tests framework) enumerates the stages one’s should perform during a test (as described in the OSSTMM manual) Network footprinting Discovery & Probing Enumeration Vulnerability assessment Penetration (or exploitation) Plus other tests as well as physical, wireless assessment....

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment

w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

FireCAT map of oriented security auditing extensions for Mozilla Firefox has now its dedicated website.

Folks at SIsecurite.fr gave a great helping hand by collecting and downloading most extensions enumerated into the FireCAT map.

The PTF (pentestration tests framework) enumerates the stages one’s should perform during a test (as described in the OSSTMM manual) Network footprinting Discovery & Probing Enumeration Vulnerability assessment Penetration (or exploitation) Plus other tests as well as physical, wireless assessment....

BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions - Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc

The SANS Top 2007 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts

FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions

FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions.

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

Here is an article wrote by Jason Lam for Isc.sans.org. It was about Firefox and web application security testing.

CAL9000 is a collection of web application security testing tools that complement the feature set of current web proxies and automated scanners. CAL9000 gives you the flexibility and functionality you need for more effective manual testing efforts. Works best when used with Firefox or Internet Explorer.

W3af is a fully automated auditing and exploiting framework for the web. It is based upon plugins integration using known GPL tools as well as pytko, Hmap and google utilities .... W3af is written in Python.

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

A friend of mine Frederic Charpentier (senior security consultant) developed a good new web application scoring scale called CCWAPSS. CCWAPSS stands for Common Criteria Web Application Security and it aims to share a common evaluation method for web application security assessments/pentests between security auditors and final customers.

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.

WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.

FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions.