There`s no project in security that you have nothing to do with web-applications anymore . So how do you orchestrate your tricks and tools ? OWASP prepared a great resource , listing almost any useful tool released so far for auditing web-applications and related systems . Here it is :
http://www.owasp.org/index.php/Phoenix/Tools
Be warned that it should be considered only a kind of reference . Most of listed tools are copies of original ideas provided and implemented in some other tools . If there was something like "Top 10 web-hacking tools" it could be much more interesting and useful IMO , but that`s how OWASP like to manage it :)
http://www.owasp.org/index.php/Phoenix/Tools
Be warned that it should be considered only a kind of reference . Most of listed tools are copies of original ideas provided and implemented in some other tools . If there was something like "Top 10 web-hacking tools" it could be much more interesting and useful IMO , but that`s how OWASP like to manage it :)
really a profitable post.
ReplyDeleteRapacity before seeing this topic i have a question and i can not find a good question about it.
what is the difference between fuzzing and debugging ?
thanks.
L0pht