More on Tools | DEFENSAHACKER Academy

Standard tools for web pentesting

Burpsuite Pro https://portswigger.net/burp/pro

ZAP https://www.zaproxy.org/

SQLmap http://sqlmap.org/

Nikto https://github.com/sullo/nikto

Dirb https://tools.kali.org/web-applications/dirb

wfuzz https://github.com/xmendez/wfuzz

BurpSuite Pro essential plugins

protobuf decoding: https://github.com/nccgroup/blackboxprotobuf
J2EEScan https://portswigger.net/bappstore/7ec6d429fed04cdcb6243d8ba7358880
ParamMiner https://portswigger.net/bappstore/17d2949a985c4b7ca092728dba871943
Upload Scanner https://portswigger.net/bappstore/b2244cbb6953442cb3c82fa0a0d908fa
Retire.js https://portswigger.net/bappstore/36238b534a78494db9bf2d03f112265c
JSON beautifier https://portswigger.net/bappstore/309ef28d45ff4f19bedfed3896cb3ca9
Msgpack https://portswigger.net/bappstore/c199ec3330864d548ff7d6bf761960ba

More info

Portswigger Learning materials: https://portswigger.net/web-security/all-materials

© 2021 DEFENSAHACKER