Category: Web AppSec

Java Code Analysis Tool

tabby: A Java Code Analysis Tool

Tabby Tabby has been recognized by the academic community and accepted for publication in The 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2023). Tabby is a Java Code Analysis Tool...

Bypass 4xx HTTP response

forbidden: Bypass 4xx HTTP response status codes

Forbidden Bypass 4xx HTTP response status codes. Script uses multithreading, and is based on brute-forcing so might have some false positives. Script uses colored output. Results will be sorted by HTTP response status code...

black-box vulnerability scanner

Wapiti: web-application vulnerability scanner

Wapiti works as a “black-box” vulnerability scanner, that means it won’t study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application, extracting links...

XSS Scanning tool

dalfox: Parameter Analysis and XSS Scanning tool

What is DalFox DalFox is a powerful open-source tool that focuses on automation, making it ideal for quickly scanning for XSS flaws and analyzing parameters. Its advanced testing engine and niche features are designed...

pentest reporting application

auditforge: A pentest reporting application

AuditForge AuditForge (PwnDoc fork) is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to search...