Category: Web AppSec

Penetration Testing Reporting

APTRS: Automated Penetration Testing Reporting System

APTRS APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows Penetration testers to create a report directly without using the Traditional Docx file. It also...

Java Code Analysis Tool

tabby: A Java Code Analysis Tool

Tabby Tabby has been recognized by the academic community and accepted for publication in The 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2023). Tabby is a Java Code Analysis Tool...

Bypass 4xx HTTP response

forbidden: Bypass 4xx HTTP response status codes

Forbidden Bypass 4xx HTTP response status codes. Script uses multithreading, and is based on brute-forcing so might have some false positives. Script uses colored output. Results will be sorted by HTTP response status code...

black-box vulnerability scanner

Wapiti: web-application vulnerability scanner

Wapiti works as a “black-box” vulnerability scanner, that means it won’t study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application, extracting links...

XSS Scanning tool

dalfox: Parameter Analysis and XSS Scanning tool

What is DalFox DalFox is a powerful open-source tool that focuses on automation, making it ideal for quickly scanning for XSS flaws and analyzing parameters. Its advanced testing engine and niche features are designed...