Free or Open Source:
Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of modern web applications.
It is free, with its source code public and available for review.
It is multi-platform, supporting all major operating systems (MS Windows, Mac OS X and Linux) and distributed via portable packages which allow for instant deployment.
http://www.arachni-scanner.com/
OWASP ZAP Proxy:
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
No comments:
Post a Comment