- Setting up Your Lab with Kali Linux: Having a completely sepatate laptop installed with Kali Linux on the physical hard drive with suffcient amount of RAM and a high-speed proccessor to crunch in password hashes and rainbow tables is the way that most experienced penetration testers follow.While doing a real-world penetration test you need to have at least 8GB RAM on your machine.A high-speed network port and a wireless network card that allows packet injection is also an important part of the test’s toolkit.
Web application proxies
- WebScarab
- Zed Attack Proxy(successor of WebScarab)
- Burp Suit
- ProxyStrike(not only intercepts the request and response but also actively finds vulnerabilities.It has modules to find SQL injection and XSS flaws.)
Web vulnerability scanner
- Nikto
- skipfish
- Web Crawler-Dirbuster
- OpenVAS
Database exploitation
- SQLNinjia:tool to attack vulnerable Mssql and gain shell access
- sqlmap
CMS identification tools
- wpscan
- Plecost:is a WordPress finger printer tool and can be userd to retrieve information about the plugins installed and display CVE code against each vulnerable plugin.
- joomscan
Web application fuzzers
- Burpsuite and WebScarab
- Wfuzz
Using Tor for penetration testing
01-14
4594
4594
“相关推荐”对你有帮助么?
-
非常没帮助 -
没帮助 -
一般 -
有帮助 -
非常有帮助
提交
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
