Category Archives: Web Security

AuthMatrix – Burp Extension to Test Web Authorization

AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With this burp extension

Cipherscan – Tool to Find Out SSL Ciphersuites Supported

Cipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates

WPScan – Black Box WordPress Security Scanner

WPScan is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test

WSSAT – Web Service Security Assessment Tool

WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities

Arachni – Web Application Security Scanner Framework

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators

Shadowd – The Shadow Daemon Web Application Firewall

Shadowd (Shadow Daemon) is a collection of tools to detect, record and prevent attacks on web applications. Shadow Daemon is a web application firewall

NAXSI – Low Rules Maintenance WAF for NGINX

NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms.