Web application security

Tool categories

There are 4 tool collections available that cover Web application security:

Security tools

The following security tools are linked to Web application security and are worth investigating.

  • Arachni (web application scanner)
  • Commix (command injection tool for web applications)
  • django-axes (track failed login attempts for Django)
  • django-security (Security add-ons for Django)
  • DorkNet (automate discovery of vulnerable web apps)
  • hsecscan (website headers extraction)
  • iniscan (PHP configuration scanner)
  • Jackhammer (collaboration tool)
  • Jawfish (web application scanner)
  • JoomScan (vulnerability scanner for Joomla CMS)
  • jSQL Injection (automatic SQL database injection)
  • Spaghetti (web vulnerability scanner)
  • Suhosin (PHP security extension)
  • Susanoo (REST API security testing framework)
  • w3af (web application attack and audit framework)
  • Wapiti (vulnerability scanner for web applications)
  • WhatWeb (website analyzer and fingerprinting tool)
  • Yasuo (vulnerability scanner for web applications)
  • ZAP (web application analysis)