Below some tools you can use for scans and vulnerability assessment while performing a penetration test:

exploit-db: The Exploit Database

grabber: web application scanner

inguma: pentest toolkik which can perfom target auditing and information gathering

Metasploit: “world’s most used penetration testing software”

Nessus: vulnerability scanner

Nikto: an Open Source web server scanner

oscanner: oracle assessment framework

searchsploit: search in exloit-db database

to be continued…

Subdomain enumeration

A friend recently asked me what methods I use to find subdomains.To be honest I was confused, like *"oooohhh so much, brute force mmm... ...… Continue reading

« Damn Vulnerable Web Application

Published on December 10, 2014

Pentest - Post exploitation tools »

Published on November 04, 2014