Web application security
Tool categories
There are 4 tool collections available that cover Web application security:
Security tools
The following security tools are linked to Web application security and are worth investigating.
- Arachni (web application scanner)
- Commix (command injection tool for web applications)
- DorkNet (automate discovery of vulnerable web apps)
- Jackhammer (collaboration tool)
- Jawfish (web application scanner)
- JoomScan (vulnerability scanner for Joomla CMS)
- Spaghetti (web vulnerability scanner)
- Suhosin (PHP security extension)
- Susanoo (REST API security testing framework)
- Wapiti (vulnerability scanner for web applications)
- WhatWeb (website analyzer and fingerprinting tool)
- Yasuo (vulnerability scanner for web applications)
- ZAP (web application analysis)
- django-axes (track failed login attempts for Django)
- django-security (Security add-ons for Django)
- hsecscan (website headers extraction)
- iniscan (PHP configuration scanner)
- jSQL Injection (automatic SQL database injection)
- w3af (web application attack and audit framework)