Tool of the day

A plugin-based scanner that aids security researchers in identifying issues with several CMS.

LFISuite, an open source local file inclusion scanner and exploiter that is coded in Python. It supports multiple attack points and also has TOR proxy support.

Dirsearch is Tool that performs bruteforce attack of sensitive directories and files that are found on the websites.

Weevely is a web shell designed for post-exploitation purposes that can be extended over the network at runtime.Upload weevely PHP agent to a target web server to get

Wfuzz is a command line tool written in python. It is used to discover common vulnerabilities in web applications through the method of fuzzing.

Insider tool is secure code reviewer, which exclusively focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code.

Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files...

Dex2Jar is an instrument whose primary point is to convert .dex files into jar and smali files. The Dex2jar is mainly used for reverse engineering Android applications.

--xss  : Scan Site if vulnerable [Xss] url must be between double citation --sql  : Scan Site if vulnerable [Sql] url must be between double citation

RVuln:-- A multi-threaded-vulnerability-scanner written in Rust. Automated #Web Vulnerability Scanner.

Security Tool For Reconnaissance And Information Gathering On A Website

Skipfish is a powerful reconnaissance tool that has the ability to carry out security checks on web-based applications.

A python script designed to check if the website is vulnerable of clickjacking and creates a poc. 

ClassyShark is a standalone binary inspection tool for Android developers/testers.

 multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo .

Tulpar is an open source penetration testing tool that can find web application vulnerabilities.

RiskInDroid (Risk Index for Android) is a quantitative risk analysis tool for Android applications written in Java and Python.

The tool aims at automating the identification of potential services running behind ports identified manually either through manual scan or services running locally.

MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools.

The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you.

SSHScan is a testing tool that enumerates SSH Ciphers and by using SSHScan, weak ciphers can be easily detected.