WhatWeb
A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.
This tool leverages Cydia Substrate to make all applications running on the device debuggable; once installed any application will let a debugger attach to them. Usage: Ensure that Cydia Substrate has been deployed on your test device. The installer requires a rooted device and can be found on the Google Play store at https://play.google.com/store/apps/details?id=com.saurik.substrate&hl=en. Download the pre-compiled APK available at https://github.com/iSECPartners/Android-OpenDebug/releases. Install the APK package on the device using adb install Android-OpenDebug.apk. Notes: This should only be used on test devices.
A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.
Automatic tool for pentesting XSS attacks against different applications
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application for client-server communication with numerous vulnerabilities.
Fnord is a pattern extractor for obfuscated code that extracts byte sequences and creates statistics, as well as generates experimental YARA rules.
WordPress plugin to reduce comment spam with a smarter honeypot.