Tool of the day

XSpear is XSS Scanner tool which is written in ruby gems. It can be useful for detecting the XSS vulnerability with different level of payloads.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items.

XForwardy is a Host Header Injection scanning tool which can detect misconfigurations , where Host Header Injections are potentially possible.

Altair is a Python based tool that does not require any specific packages to be installed as a pre-requisite. The SQLMAP and Lfier tools must be available on the disposal of the tool.

CipherScan discovers the SSL ciphersuites supported by the target.

SSHScan is a testing tool that enumerates SSH Ciphers and by using SSHScan, weak ciphers can be easily detected.

The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you.

MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools.

The tool aims at automating the identification of potential services running behind ports identified manually either through manual scan or services running locally.

RiskInDroid (Risk Index for Android) is a quantitative risk analysis tool for Android applications written in Java and Python.

Tulpar is an open source penetration testing tool that can find web application vulnerabilities.

 multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo .

Skipfish is a powerful reconnaissance tool that has the ability to carry out security checks on web-based applications.

A python script designed to check if the website is vulnerable of clickjacking and creates a poc. 

ClassyShark is a standalone binary inspection tool for Android developers/testers.

Detective helps to find Sensitive information, files and directories that are not supposed to see.

Security Tool For Reconnaissance And Information Gathering On A Website

RVuln:-- A multi-threaded-vulnerability-scanner written in Rust. Automated #Web Vulnerability Scanner.

--xss  : Scan Site if vulnerable [Xss] url must be between double citation --sql  : Scan Site if vulnerable [Sql] url must be between double citation

Dex2Jar is an instrument whose primary point is to convert .dex files into jar and smali files. The Dex2jar is mainly used for reverse engineering Android applications.

Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files...