Re: Open Source SQL Inject, XSS, Remote File Include Testing



Hello Winsoc,

There are a couple of open source tools for pen-testing purposes; some of
them are mentioned below:

1. OWASP WebScarab Project --
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

2. Paros Proxy -- http://www.parosproxy.org/download.shtml

3. BurpSuite -- http://portswigger.net/suite/

4. Nikto -- http://www.cirt.net/code/nikto.shtml

5. Oedipus -- http://oedipus.rubyforge.org/

6. Priamos -- www.priamos-project.com

7. Proxmon -- http://www.isecpartners.com/proxmon.html

8. WebSleuth -- http://www.xmcopartners.com/

9. Nessus Security Scanner -- http://www.nessus.org/download/

10. Security Auditor's Research Assistant (SARA) --
http://www-arc.com/products.shtml



Besides these, there are live distros that bundle all penetration
testing and auditing tools in them. Some of them are:

1. BackTrack -- http://www.remote-exploit.org/index.php/BackTrack

2. Operator -- http://www.ussysadmin.com/operator/

3. PHLAK -- http://www.phlak.org/modules/mydownloads/

4. Auditor -- http://www.remote-exploit.org/index.php/Auditor_mirrors


So Enjoy Pen-Testing !!
--
Nikhil Wagholikar
Information Security Analyst

NII Consulting
Web: www.niiconsulting.com


On 5/20/07, jgervacio@xxxxxxxxxxxxxxxxx <jgervacio@xxxxxxxxxxxxxxxxx> wrote:
OWASP WebScarab Project
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
- Java Web Start version
http://dawes.za.net/rogan/webscarab/WebScarab.jnlp

Parosproxy.org - Web Application Security
- Paros Scanner Function
http://www.parosproxy.org/faq.shtml

g3
Quoting winsoc <winsoc@xxxxxxxxxxxxxx>:

> Can anyone recommend a quick and cheerful Open Source Tool which will test
> websites for SQL Injection, XSS, Remote File Include.
>
>
> Regards
> winsoc
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>





