Security Test Tools

Web Site Security Test Tools

Zed Attack Proxy (ZAP) - An easy to use free open-source integrated penetration testing tool for finding vulnerabilities in web applications; a fork of the well regarded Paros Proxy. Designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Includes Intercepting Proxy, Automated scanner, Passive scanner, Brute Force scanner, Spider, Port Scanner, comprehensive help pages, cross platform, requires Java 1.6.

SPIKE Proxy - Free tool from Immunity Inc. Not all web applications are built in the same ways, and hence, many must be analyzed individually. SPIKE Proxy is a professional-grade tool for looking for application-level vulnerabilities in web applications. It covers the basics, such as SQL Injection and cross-site-scripting, but its completely open Python infrastructure allows advanced users to customize it for web applications that other tools fall apart on. SPIKE Proxy is available for Linux and Windows. Note: requires a working install of Python and pyOpenSSL on Linux. This is included in the Windows distribution.

Powerfuzzer - Open source automated customizable Web fuzzer; based on many other Open Source fuzzers available and information gathered from numerous security resources and websites. Capable of spidering a website and identifying inputs. Capable of identifying common web vulnerabilities (incl. XSS, SQL Injection). Supports https. Written in Python. Project leader is Marcin Kozlowski. Commercial version Powerfuzzer Online available as an online service.

nCircle Certified PCI Scan Service - External scan service from nCircle for all PCI Data Security Standard-relevant conditions. Upon completion of the scan, merchants have access to an auto-generated PCI Security Standards Council certified report. The scan report clearly indicates whether the merchant's payment network is secure, in which case the merchant may download the report and submit it to the acquiring bank.

SecPoint Penetrator - Site/network security testing tool from SecPoint ApS, available as a penetration testing appliance or as a web-based service. Provides full vulnerability scanning, pen testing and capability to launch real exploits. Can change the IP addresses to scan on the license and can brand reports with your own logo. Scan for both Web and Host vulnerabilities; more than 14.000 remote unique vulnerabilities; including Cross Site Scripting (XSS), SQL Injection, Directory Traversal vulnerabilities, command execution vulnerabilities, information disclosure vulnerabilities, file inclusion vulnerabilities.

Netsparker - Web application security scanner from Mavituna Security with integrated exploitation features to allow users to exploit the identified vulnerabilities and see the real impact of the problem. Capabilities include: false-positive-free; handling of websites that rely on AJAX and JavaScript; confirms vulnerabilities by exploiting them in a safe non-destructive manner; specific impact and remediation information is tailored based on details of issue. For Windows.

ZeroDayScan - Free web site security scanning service; capabilities include cross site scripting attacks (XSS), detects hidden directories and backup files, looks for known security vulnerabilities, searches for SQL Injection vulnerabilities, generates free reports, more.

Fortify 360 - Security product from Fortify Software Inc. includes vulnerability detection. Integrates static source code analysis, dynamic runtime analysis, and real-time monitoring to identify and accurately prioritize the greatest number of critical security vulnerabilities. Capabilities include the Program Trace Analyzer (PTA) that finds vulnerabilities that become apparent only while an application is running - integrate into a QA test to find vulnerabilities while a functional test is being conducted on an application.

OWASP Security Testing Tools - Variety of free and open source web security testing tools via the OWASP (Open Web Application Security Project) site. SQLiX is an SQL injection vulnerability test tool that uses multiple techniques - conditional errors injection; blind injection based on integers, strings or statements, MS-SQL verbose error messages ("taggy" method); can identify database version and gather info for MS-Access, MS-SQL, MySQL, Oracle and PostgreSQL. Other security testing tools available include WebScarab, Tiger, LAPSE, Pantera, etc.

Retina Web Security Scanner - Vulnerability scanning tool from eEye Inc. for large, complex web sites and web applications. Identifies application vulnerabilities as well as site exposure risk, ranks threat priority, produces graphical, intuitive HTML reports, and indicates site security posture by vulnerabilities and threat level. Also performs an advanced site analysis on site structure, content and configuration to identify inherent exposure to future or emerging threats.

Hailstorm - Automated web security testing tool from Cenzic Inc.; customize and configure tests based on requirements, or use pre-sets for quick assessments. Capabilities include: prioritize vulnerabilities with a quantitative score called HARM; easy-to-use wizard-based interface; 'SmartAttacks' library, updated frequently; comprehensive reports with detailed remediation information and export capabilities; administrator control over user roles, tasks and privileges. Enterprise, Pro, Core, and Starter versions.

GamaSec - Automated online website vulnerability assessment delivers proactive tests to Web Servers, Web-interfaced Systems, and Web-based Applications. Configurable scan intervals/frequency. Supports a wide variety of HTTP Authentication schemes, common HTTP protocol, BASIC, NTLM with abilities to analyze the broadest web technologies; PHP, ASP.NET, ASP, etc.

Wikto - Web server security assessment tool for Windows servers, open source, from SensePost. Its three main sections are its Back-End miner, Nikto-like functionality, and Googler to obtain additional directories for use by the other two. Includes ability to export results to CSV file.

Nikto Scanner - Open source web server scanner from which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated.

HP WebInspect - WebInspect automated security assessment tool for web applications and services, from HP (formerly SPI Dynamics). Identifies known and unknown vulnerabilities, includes checks that validate proper web server configuration. Capabilities include discovery of all XML input parameters and parameter manipulation on each XML field looking for vulnerabilities within the service itself. Requires Windows and MSIE.

AppScan - Tool suite from Rational/IBM (formerly Watchfire) automates web application security testing, produces defect analyses, and offers recommendations for fixing detected security flaws. Assessment module can be used by auditors and compliance officers to conduct comprehensive audits, and to validate compliance with security requirements.

Acunetix Web Vulnerability Scanner - Web site security testing tool from Acunetix first identifies web servers from a particular IP or IP range. It then crawls the entire site, gathering information about every file it finds, and displaying website structure. After this discovery stage, it performs an automatic audit for common security issues. Applications utilizing CGI, PHP, ASP, ASP.NET can all be tested for vulnerabilities such as cross site scripting, SQL injection, CRLF injection, code execution, directory traversal and more. Acunetix WVS also ships with a number of advanced manual penetration testing tools to ease the manual penetration test phase of a web application. Requires Windows and MSIE.

Defensics Core Internet Test Suite - Security testing tool from Codenomicon Inc. searches and pre-emptively eliminates security-related flaws from the implementations that create the backbone of the modern Internet and communication between the networked devices. This includes, but is not limited to, routers, switches, firewalls, desktop and server systems, laptops, PDAs, cell phones and other mobile systems, as well as a large number of various embedded systems. Because several protocols from this category are often tightly coupled with the underlying operating system, serious flaws in handling them may easily result in total system compromises.

Perimeter Check - SecurityMetrics 'Perimeter Check' service analyzes external network devices like servers, websites, firewalls, routers, and more for security vulnerabilities which may lead to interrupted service, data theft or system destruction. Includes instructions to help immediately remedy security problems. Can automatically schedule vulnerability assessment of designated IP addresses during low traffic times.

Core Impact Pro - Security testing tool from Core Security Technologies for web apps and other systems. Uses penetration testing techniques to safely identify exposures to critical, emerging threats and trace complex attack paths.

C5 Compliance Platform - Security testing appliance from SecureElements Inc. for determining security and compliance status across heterogeneous systems. Identifies security vulnerabilities, finds compliance exposures, evaluates and matches exposures with fixes, provides ready to deploy remediations and enforcement actions, and summarized or detailed views of monitored assets, information security exposures, and compliance risks.

Snort - Open source network intrusion prevention and detection system from Sourcefire Inc.; uses a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. Can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

SecurityMetrics Appliance - Integrated software and hardware device includes Intrusion Detection and Prevention Systems and Vulnerability Assessment. Operates as a Layer 2 Bridge - no network configuration needed. Automatically downloads latest IDS attack signatures, vulnerability assessment scripts and program enhancements nightly.

Nessus - Vulnerability scanner from Tenable Network Security with high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. Free to download and subscriptions for vulnerability updates are free for home users; annual fee for Professional license. Updated continuously. Includes scripting language for writing custom plugins.

Security Center - Security management tool from Tenable Network Security for asset discovery, vulnerability detection, event management and compliance reporting for small and large enterprises. Includes management of vulnerability, compliance, intrusion and log data. Company also provides the Nessus Vulnerability Scanner, and Passive Vulnerability Scanner.

SARA - 'Security Auditor's Research Assistant' Unix-based security analysis tool from Advanced Research Corp. Supports the FBI/SANS Top 20 Consensus; remote self scan and API facilities; plug-in facility for third party apps; SANS/ISTS certified, updated bi-monthly; CVE standards support; based on the SATAN model. Freeware. Also available is 'Tiger Analytical Research Assistant' (TARA), an upgrade to the TAMU 'tiger' program - a set of scripts that scan a Unix system for security problems.

Qualys Free Security Scans - Several free security scan services from Qualys, Inc. including SANS/FBI Top 20 Vulnerabilities Scan, network security scan, and browser checkup tool.

GFiLANguard - Network vulnerability and port scanner, patch management and network auditing tool from GFI Software. Scans using vulnerability check databases based on OVAL and SANS Top 20, providing thousands of vulnerability assessments.

Qualys Guard - Online service that does remote network security assessments; provides proactive 'Managed Vulnerability Assessment', inside and outside the firewall,

Lumension Scan - Stand-alone network-based scanning solution from Lumension Security that performs a comprehensive external scan of all of the devices on your network, including servers, desktop computers, laptops, routers, printers, switches and more; risk-based prioritization of identified threats; continuously updated vulnerability database for orderly remediation; comprehensive reports of scan results

Secure-Me - Automated security test scanning service from for individual machines. Port scans, denial-of-service checks, 45 common web server vulnerability checks, web server requests-per-second benchmark, and a wide variety of other tests. Limited free or full licensed versions available.

SAINT - Security Administrator's Integrated Network Tool - Security testing tool from SAINT Corporation. An updated and enhanced version of the SATAN network security testing tool. Updated regularly; CVE compatible. Includes DoS testing, reports specify severity levels of problems. Single machine or full network scans. Also available is 'WebSAINT' self-guided scanning service, and SAINTbox scanner appliance. Runs on many UNIX flavors.

NMap Network Mapper - Free open source utility for network exploration or security auditing; designed to rapidly scan large networks or single hosts. Uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and many other characteristics. Runs on most flavors of UNIX as well as Windows.

NetIQ Security Analyzer - Multi-platform vulnerability scanning and assessment product. Systems are analyzed on demand or at scheduled intervals. Automatic update service allows updating with latest security tests. Includes a Software Developer's Kit to allow custom security test additions. For Windows/Solaris/Linux

Foundstone - Vulnerability management software tools from McAfee/Network Associates can provide comprehensive enterprise vulnerability assessments, remediation information, etc. Available as a hardware appliance, software product, or managed service.

OWASP Security Testing Tools Listing - Listing of commercial, free, and open source security testing tools, source code analyzers, and binary analysis tools via the OWASP (Open Web Application Security Project) site.

Top 100 Security Tools - Listing of 'top 100' network security tools from survey by (Includes various types of security tools, not just for testing.)



  1. One more! great, easy to use website scan tool Golem technologies

