# Web security pentest tools

## HTTP Proxy

* Burp Suite - https://portswigger.net/burp
* OWASP ZAP - https://www.zaproxy.org/
* Charles - https://www.charlesproxy.com/
* mitmproxy - https://mitmproxy.org/

## Web Vuln scanners

* Nikto - https://github.com/sullo/nikto
* w3af - https://github.com/andresriancho/w3af
* Skipfish - https://github.com/spinkham/skipfish

## Vuln scanners

* Nessus - https://www.tenable.com/products/nessus
* OpenVAS - https://www.openvas.org/
* Qualys - https://www.qualys.com/

## SQLi

* SQLMap - https://sqlmap.org/
* sqlninja - https://sqlninja.sourceforge.net/
* BBQSQL - https://github.com/CiscoCXSecurity/bbqsql

## XML injection

* xxexploiter - https://github.com/luisfontes19/xxexploiter
* XCat - https://github.com/orf/xcat

## XSS

* XSStrike - https://github.com/s0md3v/XSStrike
* XSSer - https://github.com/epsylon/xsser
* XSS-Sniper - https://github.com/gbrindisi/xsssniper
* XSSMe - https://github.com/SecurityCompass/XSSMe

## Fuzzer

* Wfuzz - https://github.com/xmendez/wfuzz
* ffuf - https://github.com/ffuf/ffuf
* GoBuster - https://github.com/OJ/gobuster

## Recon

* DNSEnum - https://www.kali.org/tools/dnsenum/
* Fierce - https://github.com/mschwager/fierce
* DNSRecon - https://github.com/darkoperator/dnsrecon
* theHarvester - https://github.com/laramies/theHarvester
* Maltego - https://www.maltego.com/
* Recon-ng - https://github.com/lanmaster53/recon-ng
* WhatWeb - https://github.com/urbanadventurer/WhatWeb
* Shodan - https://www.shodan.io/
* Censys - https://search.censys.io/
* Google dorks

## SSL/TLS scanner

* SSLyze - https://github.com/nabla-c0d3/sslyze
* sslscan2 - https://github.com/rbsec/sslscan

## PwnTool

* Metasploit - https://www.metasploit.com/
* Armitage GUI - https://www.offsec.com/metasploit-unleashed/armitage/

## Browser plug-ins

* Wappalyzer - https://www.wappalyzer.com
* FoxyProxy
  * Firefox - https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard
  * Chrome - https://chromewebstore.google.com/detail/foxyproxy/gcknhkkoolaabfmlnjonogaaifnjlfnp
* retire.js - https://github.com/RetireJS/retire.js
* Down-Them-All -

## Exploits

* ExploitDB - https://www.exploit-db.com/

# Pentest phase categorisation

### Pre-Engagement Phase:

* Browser plug-ins:
  * Wappalyzer
  * FoxyProxy
  * retire.js

### Reconnaissance/Information Gathering:

* Recon:
  * DNSEnum
  * Fierce
  * DNSRecon
  * theHarvester
  * Maltego
  * Recon-ng
  * WhatWeb
  * Google dorks
  * Shodan
  * Censys

### Vulnerability Analysis:

* Web Vulnerability Scanners:
  * Nikto
  * w3af
  * Skipfish
* Vuln Scanners:
  * Nessus
  * OpenVAS
  * Qualys
* Fuzzer:
  * Wfuzz
  * ffuf
  * GoBuster
* SSL/TLS Scanner:
  * SSLyze
  * sslscan2

### Exploitation:

* HTTP Proxy:
  * Burp Suite
  * OWASP ZAP
  * Charles
  * mitmproxy
* SQLi:
  * SQLMap
  * sqlninja
  * BBQSQL
* XML Injection:
  * xxexploiter
  * XCat
* XSS:
  * XSStrike
  * XSSer
  * XSS-Sniper
  * XSSMe
* PwnTool:
  * Metasploit
  * Armitage GUI

### Exploits:

* Exploit:
  * ExploitDB

### Miscellaneous:

* Browser plug-ins:
  * Wappalyzer
  * FoxyProxy
  * retire.js
* Exploits:
  * ExploitDB