Kali some of the key tools used in the Linux web penetration test __oracle

1.Mitmproxy

Mitmproxy is an HTTP proxy tool that can be used for man-in-the-middle attacks or for HTML scratch-wrap debugging

2.BP

Use more, do not describe

3.owasp-zap

Zed Attack Proxy is Zap, is a simple and easy-to-use penetration testing tool, is to discover the flaw in the Web application is a sharp weapon, is the penetration test enthusiasts good thing.

4.Paros

Parosproxy, this is an agent that evaluates Web application vulnerabilities, a java-based Web proxy that evaluates Web application vulnerabilities. It supports dynamic editing/viewing of Http/https, thus altering items such as cookies and form fields. It includes a Web communications logger, a Web trap program (spider), a hash calculator, and a scanner that can test common Web application attacks such as SQL injection attacks and Cross-site scripting attacks. The tool examines vulnerabilities in the form of SQL injection, Cross-site scripting attacks, directory traversal, CRLF-carriage-return line-feed carriage return, and so on. Official Network http://www.parosproxy.org/

5.Proxystrike

Seemingly this artifact is similar to burpsuite, need to configure the agent to use, there are crawler modules, request reports, logs, configuration, and other modules, there is no in-depth research, or feel burpsuite relatively ripe, simple use of the next, is also a graphical interface, it seems that this is PyQt wrote.

6.Vega

7.webscarab

WebScarab is an application framework used to analyze the use of HTTP and HTTPS protocols. The principle is simple, WebScarab can record the session content it detects (requests and responses), and allows the user to view the record in several forms. WebScarab is designed to allow users to master an operating process based on an HTTP (S) program, which can be used to debug bugs that are difficult to handle in a program, or to help security experts discover potential program vulnerabilities.

PYQT is a toolkit for creating GUI applications. It is a successful fusion of the Python programming language and Qt library. QT Library is one of the most powerful libraries at the moment. PYQT was developed by Phil Thompson.