Download A free penetration testing toolkit for free. Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembl. HackPorts was developed as a penetration testing framework with accompanying tools and exploits that run natively on Mac platforms. HackPorts is a ‘super-project’ that leverages existing code porting efforts, security professionals can now use hundreds of penetration tools on Mac systems without the need for Virtual Machines.
- Penetration Testing Tutorial
- Penetration Testing Resources
WordPress Vulnerability Scanner - WPScan - Use Cases. This tool helps you to discover security issues and vulnerabilities in the target WordPress website using the most advanced WordPress scanner: WPScan. These files are what is created by the free tool “Mac Linux USB Loader” After you extract thee files, copy the whole root folder (titled efi) to your USB drive partition.
- Selected Reading
Penetration testing, normally consists of information gathering, vulnerability and risk analysis, vulnerability exploits, and final report preparation.
It is also essential to learn the features of various of tools which are available with penetration testing. This chapter provides information and insights about these features.
![Wp pen testing tools for mac Wp pen testing tools for mac](/uploads/1/2/6/5/126552587/355120499.jpg)
What are Penetration Testing Tools?
The following table collects some of the most significant penetration tools and illustrates their features −
Tool Name | Purpose | Portability | Expected Cost |
---|---|---|---|
Hping | Port Scanning Remote OC fingerprinting | Linux, NetBSD, FreeBSD, OpenBSD, | Free |
Nmap | Network Scanning Port Scanning OS Detection | Linux, Windows, FreeBSD, OS X, HP-UX, NetBSD, Sun, OpenBSD, Solaris, IRIX, Mac, etc. | Free |
SuperScan | Runs queries including ping, whois, hostname lookups, etc. Detects open UDP/TCP ports and determines which services are running on those ports. | Windows 2000/XP/Vista/7 | Free |
p0f | Os fingerprinting Firewall detection | Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Solaris, Windows, and AIX | Free |
Xprobe | Remote active OS fingerprinting Port Scanning TCP fingerprinting | Linux | Free |
Httprint | Web server fingerprinting SSL detection Detect web enabled devices (e.g., wireless access points, switches, modems, routers) | Linux, Mac OS X, FreeBSD, Win32 (command line & GUI | Free |
Nessus | Detect vulnerabilities that allow remote cracker to control/access sensitive data | Mac OS X, Linux, FreeBSD, Apple, Oracle Solaris, Windows | Free to limited edition |
GFI LANguard | Detect network vulnerabilities | Windows Server 2003/2008, Windows 7 Ultimate/ Vista, Windows 2000 Professional, Business/XP, Sever 2000/2003/2008 | Only Trial Version Free |
Iss Scanner | Detect network vulnerabilities | Windows 2000 Professional with SP4, Windows Server 2003 Standard with SO1, Windows XP Professional with SP1a | Only Trial Version Free |
Shadow Security Scanner | Detect network vulnerabilities, audit proxy and LDAP servers | Windows but scan servers built on any platform | Only Trial Version Free |
Metasploit Framework | Develop and execute exploit code against a remote target Test vulnerability of computer systems | All versions of Unix and Windows | Free |
Brutus | Telnet, ftp, and http password cracker | Windows 9x/NT/2000 | Free |
Join hundreds of InfoSec professionals at our upcoming [Global AppSec DC, September 9-13] and [Global AppSec Amsterdam, September 23-27] |
- 1Penetration Testing Tools
Penetration Testing Tools
Information Gathering Tools
- Fingerprinting
Name | Owner | Licence | Platforms |
httprint | NetSquare Inc | no cost for personal, educational and non-commercial use. | Win, Lin, Mac, FreeBSD |
httprecon | Marc Ruef | GPL | Win |
Netcraft | Netcraft Inc | N/A | WebBased |
WebRecon | Aung Khant | GPL | WebBased |
![Wp Pen Testing Tool For Mac Wp Pen Testing Tool For Mac](/uploads/1/2/6/5/126552587/283037736.png)
Configuration Management Testing Tools
- SSL Testing
Name | Owner | Licence | Platforms |
OpenSSL | OpenSSL Software Foundation | Apache-style license | Win, Lin, Mac, FreeBSD |
SSL Digger | Intel Corporation | McAfee Software royalty-Free License | Win, Windows .NET Framework |
- DB Listener Testing
Name | Owner | Licence | Platforms |
TNS Listener | |||
Toad | Dell Inc. |
Authentication Testing Tools
- Password Brute Force Testing
Name | Owner | Licence | Platforms |
Burp Intruder | |||
Brutus | |||
Cain & Abel | oxid | Freeware | Windows |
John the Ripper | |||
Ophcrack | |||
THC Hydra | The Hacker's Choise | Lin |
Session Management Testing Tools
Name | Owner | Licence | Platforms |
CookieDigger |
Authorization Testing Tools
Data Validation Testing Tools
- Fuzzers
- SQL Injection Testing
- XSS Testing
- Buffer Overflow Testing
Name | Owner | Licence | Platforms |
Skipfish | N/A | Apache | Linux |
w3af | NA | GPL v2 | Python required (cross platform) |
Pen Testing Tool
Denial of Service Testing Tools
Web Services Testing Tools
Ajax Testing Tools
HTTP Traffic Monitoring
- Web Proxies
Name | Owner | Licence | Platforms |
Burp Suite | |||
Paros Proxy | |||
Webscarab | |||
TamperIE | |||
Tamper Data | |||
SPIKE Proxy | |||
Suru Web Proxy | |||
Charles | |||
Odysseus | |||
JS Commander | |||
ratproxy |
- Sniffers
Encoders / Decoders
- CAPTCHA Decoders
Name | Owner | Licence | Platforms |
PWNtcha | |||
The Captcha Breaker |
Wp Power Tools
Web Testing Frameworks
Name | Owner | Licence | Platforms |
w3af | Andres Riancho and w3af team | GPLv2 | Windows, Linux |
Websecurify | GNUCITIZEN / Websecurify | GPLv2 | Windows, Mac OS, Linux |
ZeroDayScan | Free | Online, Cloud |
Open Source Pen Testing Tools
This category currently contains no pages or media.
Web Pen Testing Tools
Retrieved from 'https://www.owasp.org/index.php?title=Category:Penetration_Testing_Tools&oldid=217931'