App Pentest Toolkit

Web Proxy and Scanner Tools

  • Burp Suitearrow-up-right: Industry-standard web proxy for manual and automated web application security testing.

  • OWASP ZAParrow-up-right: Open-source alternative to Burp Suite for web security scanning.

  • Caidoarrow-up-right: Modern, lightweight, open-source web security auditing platform for HTTP/S traffic inspection, request modification, endpoint mapping, and collaboration.

Automated Vulnerability Scanners

Exploitation and Fuzzing

Reconnaissance and Surface Mapping

Password and Hash Cracking

Network Traffic Analysis

Wordlists and Payloads

Operating Systems

  • Kali Linuxarrow-up-right: Popular Linux distro pre-installed with most major pentest tools.

  • Athena OSarrow-up-right: Linux-based cybersecurity operating system, tailored for penetration testers, red teams, and researchers with a pre-packed pentesting toolkit.

Last updated