Outils d'utilisateurs

Outils du Site



Recon & Mapping

Burp Suite

  • Its various tools (proxy, spider, scanner, intruder, repeater, sequencer, etc.) work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.


  • It’s a tool that spiders a target site and creates a list of all unique words found on the site.


  • It’s a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these.

Fierce Domain Scanner

  • It’s a scanner that tests your DNS for a zone transfer and then goes ahead and performs a brute force against your domain. Testing a list of sub domains against your domain to attempt to find other servers and IP addresses.


  • It scans Google Profiles for people who associate themselves with a specified company. Great for reconnaissance work.

Maltego CE

  • It’s an open source intelligence and forensics application that does data mining to find information from the internet and link it together (great for background research on a target).


  • It’s a web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.


  • Through Paros's proxy nature, all HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted and modified.


  • It’s a framework to find and exploit web application vulnerabilities that is easy to use and extend.


  • It’s a framework with lots of modules (proxy, spider, session ID analyser, fuzzer, etc.) for analysing applications that communicate using the HTTP and HTTPS protocols. (OWASP)


  • It’s an integrated web security testing environment, which can be used to identify web vulnerabilities by using advanced browser automation, discovery and fuzzing technologies.


  • It is a multi-threaded, multi-platform web server audit that gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing.

Zed Attack Proxy

  • It is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. (OWASP)


  • It is a NMAP graphical front end


Burp Suite

  • See definition of Burp Suite in Recon & Mapping


  • It processes an SWF and extracts all scripts from it. Only ActionScript is extracted.


  • It has automated testing module for detecting common web application vulnerabilities
  • N/A


  • It is a web application fuzzer for requests being made over HTTP or HTTPS. (OWASP)


  • It is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application.

Rat Proxy

  • It’s a semi-automated, passive web application security audit tool.


  • It is a penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.


  • See definition of w3af in Recon & Mapping


  • It performs “black-box” scans and scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.


  • It works like a local proxy. It supports passive and active checks. Passive checks are more like filter functions (used to collect useful information, e.g. email or IP addresses). Active produces a high number of requests (depending on the check module) because they do the automatic part of vulnerability identification, e.g. during a scan.


  • See definition of WebScarab in Recon & Mapping


  • See definition of WebShag in Recon & Mapping

Zed Attack Proxy

  • See definition of Zed Attack proxy in Recon & Mapping



  • It is a JavaScript exploit generation framework that works through the console focused on XSS fail.
  • N/A


  • It is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments. They provide functionality such as shell, DNS query, LDAP retrieval and others.


  • The Metasploit Framework is the actual development platform used to create security test tools and exploit modules and can also be used as a penetration testing system. It is an extremely powerful command-line tool that has released some of the most sophisticated exploits to public security vulnerabilities. It’s also known for its anti-forensic and evasion tools, which are built into the Metasploit Framework.


  • It is a dynamic request attack tool. It allows you to do some interesting things with various forms of cross-site requests and play them back to the user’s browser. These requests may contain session information bypassing Cross-Site Request Forgery protection mechanisms.
  • N/A


  • It is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities.


  • See definition of SQLmap in Discovery


  • It is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.


  • See definition of w3af in Recon & Mapping


  • It is a project focused on creating fingerprinting code that is deliverable through some form of client attack.

Zed Attack Proxy

  • See definition of Zed Attack Proxy in Recon & Mapping



  • This project's goal is to create a “best practices” web application penetration testing framework which users can implement in their own organizations and a “low level” web application penetration testing guide that describes how to find certain issues.

Operating Systems

Samurai WTF

  • The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.
outils_web.txt · Dernière modification: 2017/04/09 15:33 (modification externe)