Many of the sites are impenetrable daily, and the most important reasons for these breakthroughs that managers Aigmon sites to search for security holes in their sites using some of the tools available on the Internet on the one hand, either on the other hand use of these tools remain the preserve of hackers! It said this category are used heavily in the discovery of security vulnerabilities in websites and penetrate. For it in this post I wanted to tell you a list of the most popular applications used by the hacker to discover gaps in security at the sites.
Application Vega
vega, is one of the most famous discovery tools security gaps in the sites and used by hackers, since it is able to detect security lapses as (cross site scripting, file inclusion SQL injection, directory listing, shell injection,). The tool is based on java graphical interface facilitates enjoys life on the remains of used to her employer that selects only some of the settings on how to handle the tool with the goal began to be a comprehensive survey of the site and detect security loopholes.
link: subgraph.com/vega
Application w3af
w3af is one of the most dangerous tools, for myself, I respect this tool dramatically. Evger tool it is very famous among security experts and hackers, it is very strong! . Since the tool is able to detect all kinds of loopholes (SQL injection) and gaps (Cross-Site Scripting), as it comes Busbandtin graphical interface and the interface Terminal.
Of course, the graphical interface is very easy to use it will not find any of the problems of operating in, where it remains as it is a tool for Vega do only identifies some of the choices were scurrying!
Of course, the graphical interface is very easy to use it will not find any of the problems of operating in, where it remains as it is a tool for Vega do only identifies some of the choices were scurrying!
link : http://w3af.org
Application SQLMap
It does not know! SQL Mapp known by his power and tyranny with respect to the discovery of all kinds of loopholes SQL injection is working to automate the process of searching for loopholes SQL in Web applications, and that the tool supports Medm databases famous and adopted by many sites such as (MySQL, Oracle, PostgreSQL, Microsoft SQL Server , Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB).
Application WFUZZ
Wfuzz the latter specializes in the function test (POST) and (GET) in order to detect some of the gaps in (SQL, XSS, LDAP) as it can be used in the detection of gaps Alproxa, the verification system (Authentication) and also can be used in the work cookies fuzzing .llaharh in the application Wfuzz settings lacking on the graphical interface for the operation of this would be by writing a set of commands in Altermainal.
Application Grendel-Scan
You'll find a tool that has many of the explanations in the web, they are automates the process of detecting security gaps at the sites, where they can detect gaps Medm known, as it supports all operating systems Kuindwz Mac and Linux.
Application Arachni
Arachni tool is a tool that detects most of the web gaps in the target location, the most important gaps (Local File inclusion) and gaps (remote file inclusion) known its seriousness. Tool works only on Mac and Linux as it is integrated Vermourk can be downloaded from the link below.
0 comments:
Post a Comment