-
Notifications
You must be signed in to change notification settings - Fork 2.1k
othertools
encoding
napkin http://www.0x90.org/releases/napkin/
sqli
bsql-bf2 http://code.google.com/p/bsqlbf-v2/
web raider http://www.mavitunasecurity.com/blog/webraider/
sqlsus for mysql http://sqlsus.sourceforge.net/index.html
sfx-sqli for ms-sql http://www.kachakil.com/papers/SFX-SQLi-en.htm
sqlbrute - ms-sql and oracle - http://www.justinclarke.com/archives/2006/03/sqlbrute.html
proxy
owasp zap (recommended, has fuzzdb plugin) https://github.com/zaproxy
burp suite http://portswigger.net/
cat http://www.contextis.co.uk/resources/tools/cat/
webscarab http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project#Download]
fuzzer
owasp Zap https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
burp intruder http://portswigger.net/
jbrofuzz http://sourceforge.net/projects/jbrofuzz/
webscarab http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project#Download
pywebfuzz, a python implementation of fuzzdb, and much more http://code.google.com/p/pywebfuzz/
other brute force tools
CMS Explorer (the file patterns are in fuzzdb, but cms-explorer does more than that) http://code.google.com/p/cms-explorer/