Shadowd – The Shadow Daemon Web Application Firewall
Shadowd (Shadow Daemon) is a collection of tools to detect, record and prevent attacks on web applications. Shadow Daemon is a web application firewall
Droopescan – Plugin-based Scanner for Several CMSs
Droopescan is a plugin-based scanner that aids security researchers in identifying issues with several CMS. Usage of droopescan for attacking targets
w3af – Web Application Attack and Audit Framework
w3af is a not a standard web application scanner but it is an advanced framework that may allow penetration tester to make automated
sqlmap – Automatic SQL Injection Tool
sqlmap is an advance open source tool for penetration testing that automate the process of searching and performing SQL injection.
Talisman – Tool to Prevent Secrets from Getting Checked in
Talisman is a tool is to validate code changes that are to be pushed out of a local Git repository on a developer’s workstation.
Archery – Centralize Vulnerability Assessment Framework
Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities.
NAXSI – Low Rules Maintenance WAF for NGINX
NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms.
