Reference: OWASP General Testing OWASP ZAP The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to […]
Articles Tagged: webscarab
Some ways to use free tools
use Owasp ZAP or Webscarab for their proxy functionality. use Nikto and W3AF to scan web applications. use SQLMap to exploit SQL injections vulnerabilities. use XSSer to detect and exploit XSS vulnerabilities. use Powefuzzer to fuzz parameters use online encoder/decoders use DirBuster to find hidden resources