Open Source Black Box Testing tools

Reference: OWASP General Testing OWASP ZAP The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to […]

Read More

Some ways to use free tools

use Owasp ZAP or Webscarab for their proxy functionality. use Nikto and W3AF to scan web applications. use SQLMap to exploit SQL injections vulnerabilities. use XSSer to detect and exploit XSS vulnerabilities. use Powefuzzer to fuzz parameters use online encoder/decoders use DirBuster to find hidden resources

Read More