Web App Testing Frameworks

  • https://projectdiscovery.io/#/ - Collection of open source tools for attack surface management or Bug Bounties.

  • Fiddler - Powerful and flexible web debugging proxy.

  • OWASP Zap - Open Source Web Application testing tool made by the OWASP Foundation. Serves a similar function to Burp and even shares many extensions.

  • Jaeles - Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.

  • reNgine - reNgine is an automated reconnaissance framework meant for information gathering during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan domains and endpoints or to gather information. The beauty of reNgine is that it gathers everything in one place, with a reconnaissance pipeline that is highly customizable.

  • OpenBullet2 - OpenBullet 2 is a cross-platform automation suite powered by .NET Core. It allows you to perform requests against a target web app and offers a lot of tools to work with the results. This software can be used for scraping and parsing data, automated pentesting and much more.

  • FinalRecon - FinalRecon is an automatic web reconnaissance tool written in Python. The goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results.

  • ChopChop - ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify the exposure of services/files/folders through the webroot.

  • TIDoS-Framework - Exceedingly detailed offensive manual web application testing framework.

  • SecApps Suite - SecApps Suite is a browser-based web security testing toolkit made of a growing number of applications and features suitable for a diverse set of offensive and defensive activities: from automated web application security assessments to fuzzing, manual web auditing and much more.

  • RapidScan - Multi-tool vulnerability scanner that runs separate tools in tandem for saving time in the scanning phase.

  • Sitadel - Sitadel is basically an update of WAScan, making it compatible with Python >= 3.4. It gives you more flexibility to write new modules and implement new features.

  • Garud - An automation tool that scans sub-domains and checks for sub-domain takeover, then filters out XSS, SSTI, SSRF and other injection-point parameters and scans for some low-hanging vulnerabilities automatically.

  • OpenWebTestingFramework - OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST.

  • SecApps - A flexible scanning platform that combines the functionality of multiple tools into a web-based platform. Comes in both free and premium feature sets.

  • paros - Lightweight web application testing proxy

  • sumrecon - Web recon script. No need to fear, sumrecon is here!

  • 0d1n - Tool for automating customized attacks against web applications. Written entirely in C with pthreads, it is fast.

  • BlackWidow - A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

  • https://caido.io/ - A lightweight web security auditing toolkit. Built from the ground up in Rust, Caido aims to help security professionals and enthusiasts audit web applications with efficiency and ease.