Web application testing

Tool categories

There are 2 tool collections available that cover Web application testing:

Security tools

The following security tools are linked to Web application testing and are worth investigating.

Admin Page Finder (PHP) (admin page discovery tool)
Arachni (web application scanner)
BlindElephant (web application fingerprinting)
Commix (command injection tool for web applications)
DorkNet (automate discovery of vulnerable web apps)
Jackhammer (collaboration tool)
Jawfish (web application scanner)
Spaghetti (web vulnerability scanner)
Susanoo (REST API security testing framework)
Wapiti (vulnerability scanner for web applications)
WhatWeb (website analyzer and fingerprinting tool)
Yasuo (vulnerability scanner for web applications)
ZAP (web application analysis)
hsecscan (website headers extraction)
jSQL Injection (automatic SQL database injection)
w3af (web application attack and audit framework)