Web Application Hacking Tools

Web Application Hacking Tools

Skipfish: A free and open-source web application security reconnaissance tool for Kali Linux. Skipfish crawls a website to generate an interactive sitemap and then performs a number of security checks

Grendel-Scan: A free and open-source automated web application scanning tool. Grendel-Scan also supports features for manual security testing.

Vega: A free and open-source web vulnerability scanner and testing platform. Vega can search for security flaws such as SQL injection, cross-site scripting, and exposure of sensitive data.

WebScarab: A free and open-source web application vulnerability testing tool. WebScarab is written in Java and offers a modular set of interface components that users can swap in and out.

IronWASP: A free and open-source web application security testing platform. IronWASP provides a number of pre-built plugins and also allows users to create their own.

Forensic Tools

• EnCase: Paid software for digital forensics and incident response software. EnCase processes files quickly and efficiently and supports a wide range of computers and mobile devices.

• Autopsy: A free and open-source digital forensics platform. Autopsy supports computer hard drives and smartphones and can be extended through several add-on modules

• SIFT: A free and open-source toolkit for forensic analysis and triage. SIFT includes support for dozens of file systems and images and offers tools for incident response.

• FTK: Paid forensic investigation software with a demo. FTK allows users to create full-disk forensic images and handles various data types.

• X-Ways Forensics: Paid forensic software with advanced file carving. X-Ways Forensics is a high-performance, resource-efficient tool that is fully portable on a USB drive.

• Helix3 Pro: A paid incident response and forensic live CD. The Helix3 Pro can make forensic images of all internal devices and physical memory across Windows, macOS, and Linux.

• Foremost: A free and open-source Linux-based file recovery tool for forensic analysis. Foremost is intended for law enforcement purposes but supports other use cases.

• Scalpel: A free and open-source fast file carver based on Foremost for digital forensics. Scalpel is more efficient than Foremost and supports Windows, macOS, and Linux devices.

• The Sleuth Kit: A free and open-source library of digital investigation software. The Sleuth Kit allows users to investigate disk images and analyze volume and system data

• CAINE: A free and open-source Linux-based digital forensics environment. CAINE offers a user-friendly graphical interface and provides dozens of tools and integrations with other software.