Web application testing

Tool categories

There are 2 tool collections available that cover Web application testing:

Security tools

The following security tools are linked to Web application testing and are worth investigating.

  • Admin Page Finder (PHP) (admin page discovery tool)
  • Arachni (web application scanner)
  • BlindElephant (web application fingerprinting)
  • Commix (command injection tool for web applications)
  • DorkNet (automate discovery of vulnerable web apps)
  • Jackhammer (collaboration tool)
  • Jawfish (web application scanner)
  • Spaghetti (web vulnerability scanner)
  • Susanoo (REST API security testing framework)
  • Wapiti (vulnerability scanner for web applications)
  • WhatWeb (website analyzer and fingerprinting tool)
  • Yasuo (vulnerability scanner for web applications)
  • ZAP (web application analysis)
  • hsecscan (website headers extraction)
  • jSQL Injection (automatic SQL database injection)
  • w3af (web application attack and audit framework)