List of Web Application Security Testing Tools

This post list web application security testing tools.

List of Web Application Security Scanners

List web application security testing tools:

  • Wapiti
  • Acunetix WVS
  • WatcherWebSecurityTools
  • Netsparker
  • N-Stalker Web Application Security Scanner
  • OWASP Zap Baseline Scan
  • Arachni
  • Vega
  • Nessus
  • Skipfish
  • WebReaver
  • Web Site Security Audit (WSSA)
  • Syhunt Hybrid
  • IronWASP
  • WebWatchBot
  • Secunia PSI
  • KeepNI
  • Exploit-Me
  • x5s
  • HconSTF
  • PunkSca
  • SessionProbe

List of Web Application Security Scanner

Wapiti

http://wapiti.sourceforge.net

It is featured in CISSP exam.

Acunetix WVS

http://www.acunetix.com

WatcherWebSecurityTools

https://www.casaba.com

Netsparker

https://www.netsparker.com

N-Stalker Web Application Security Scanner

https://www.nstalker.com

OWASP Zap Baseline Scan

ZAP Baseline Scan is a Python script that scans a website and reports the results.
You may also have a look at OWASP Application Security Verification Standard (ASVS).

Official web

GitHub

Arachni

https://www.arachni-scanner.com

Vega

https://www.subgraph.com

Nessus

https://www.tenable.com

Skipfish

https://code.google.com/archive/p/skipfish/

WebReaver

https://www.websecurify.com

Web Site Security Audit (WSSA)

https://www.beyondsecurity.com

Syhunt Hybrid

http://www.syhunt.com

IronWASP

http://ironwasp.org

WebWatchBot

http://www.exclamationsoft.com

Secunia PSI

https://www.flexera.com

KeepNI

http://www.keepni.com

Exploit-Me

http://labs.securitycompass.com

x5s

https://www.casaba.com

HconSTF

http://www.hcon.in

PunkScan

https://bitbucket.org

SessionProbe

SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications.

It is free and open software (FOSS).

SessionProbe code repository

You might also be interested in…

Leave a Reply

Your email address will not be published. Required fields are marked *