Web Security Tools
Tools that may help you find vulnerabilities in your code, server, or website.
|Observatory||Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and securely.||X|
|haveibeenpwned||The term ‘pwned’ is slang for ‘owned’ which in the security industry means “to have your data or system compromised”.||X|
|Metasploit||A collaboration of the open source community and Rapid7. Our penetration testing software, Metasploit, helps verify vulnerabilities and manage security assessments.|
|Theme Check||Themecheck.org is a quick service that lets you verify WordPress themes for security and code quality. This service is free and compatible with Joomla templates.|
|VirusTotal||VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware. (files, url, ip)||X|
|FOCA||FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analyzed with FOCA. It is capable of analyzing a wide variety of documents, with the most common being Microsoft Office, Open Office, or PDF files, although it also analyzes Adobe InDesign or SVG files, for instance.|
|Cymon||Cymon is the largest open tracker of malware, phishing, botnets, spam, and more. Brought to you by eSentire.||X|
|Mnemonic||PassiveDNS service lets you look up domains and IPs and what they've recently resolved to without performing an actual DNS query.||X|
|Lnav||It automatically detects your log file formats, provides syntax highlighting and a host of other features to view and analyze log files. It can be invaluable when analyzing a compromised website.||X|
|UnPHP||UnPHP is a free service for analyzing obfuscated and malicious PHP code.||X|
|Openvas||The world's most advanced Open Source vulnerability scanner and manager||X|
|SQLmap||An open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers.||X|
|BeEF||BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.||X|
|Firefox HackBar||This toolbar will help you in testing SQL injections, XSS holes and site security. It is NOT a tool for executing standard exploits and it will NOT teach you how to hack a site. Its main purpose is to help a developer do security audits on his code. If you know what you're doing, this toolbar will help you do it faster.||X|
|Nmap||Network Mapper is a security scanner, used to discover hosts and services on a computer network, thus building a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host(s) and then analyzes the responses.||X|