There are far too many ways for an attacker to take down a website. The good news is that, over time, tools have been created to find the weaknesses those attacks rely on before an attacker does. Because these tools matter so much, below you will find a summary of tools for scanning the security of your blog, e-commerce site, web application, etc.
WPScan is a black-box vulnerability scanner for WordPress. It ships with wordlists for enumerating plugins and themes, and checks what it finds against a large database of known vulnerabilities.
Its checks are backed by a database of around 6,800 vulnerabilities collected for this content management system.
Some of its features are:
- User enumeration.
- Weak password discovery (brute force against the enumerated users).
- WordPress version detection.
- Detection of known vulnerabilities.
- Plugin enumeration.
- Detection of vulnerable plugins.
- Detection of the theme used by the application.
- Directory listing checks.
Burp Suite is a set of tools for auditing web applications. The breadth of tests it covers has made it an essential tool for web security professionals. Within the suite we find the following tools:
- Target: Builds a sitemap of the websites that have passed through the proxy.
- Proxy: Intercepts requests between the browser and the application.
- Spider: Automatically crawls the application and collects its resources.
- Scanner: Detects different types of vulnerabilities, both passively and actively.
- Intruder: Automates tasks such as fuzzing, brute force and enumeration.
- Repeater: Lets us resend and manipulate individual requests that went through the proxy.
- Sequencer: Analyzes the randomness of session tokens or other strings.
- Decoder: Encodes and decodes strings (URL, Base64, hex, hashes, etc.).
- Comparer: Compares different requests and responses.
- Extender: Lets us add extra functionality to Burp through extensions (plugins).
Netcat was designed to be driven by other applications or scripts as an easy-to-use, reliable back-end utility. It reads and writes data across TCP or UDP connections, which lets us set up almost any kind of connection (for example, listening on a port to accept incoming connections). It is also useful as a debugging tool or for simple network scanning.
Despite its popularity, development of the original stopped in the mid-1990s. The Nmap project later rewrote it as Ncat, a modern reimplementation that adds SSL, IPv6, SOCKS proxying and other features the original lacked.
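To make the two roles described above concrete, here is an added example (not Netcat's or Ncat's own code) that does in plain Python sockets what `nc -l` and `nc host port` do: one side listens on a port and answers, the other connects, sends data and reads the reply, and a third helper does the connect-only "is this port open" check. Everything runs on the loopback interface, the listener picks an ephemeral port (port 0), and the HTTP-looking request and reply are constructed sample data.

```python
"""Added example: a minimal netcat-style listener and client with plain sockets.

Not netcat's own code; it shows the roles the text describes, on 127.0.0.1 so
it runs offline. Request/reply bytes below are constructed sample data.
"""
import socket
import threading


def start_listener(reply, host="127.0.0.1"):
    """Bind an ephemeral port (the `nc -l -p <port>` role), accept one client in
    a background thread, record what it sends and answer with `reply`.
    Returns (port, thread, seen) where `seen` is filled in by the thread."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))            # port 0: let the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    seen = {}

    def serve():
        conn, peer = srv.accept()
        with conn:
            seen["peer"] = peer
            seen["data"] = conn.recv(4096)
            conn.sendall(reply)
        srv.close()                # single-shot listener, like plain nc without -k

    thread = threading.Thread(target=serve, daemon=True)
    thread.start()
    return port, thread, seen


def connect_and_send(host, port, data, timeout=2.0):
    """The `nc <host> <port>` role: connect, send `data`, then read until the
    peer closes the connection and return everything it sent back."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(data)
        s.shutdown(socket.SHUT_WR)     # we are done writing; keep reading
        chunks = []
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            chunks.append(chunk)
    return b"".join(chunks)


def port_is_open(host, port, timeout=0.5):
    """The `nc -z host port` idea: a bare TCP connect, no payload, open/closed."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def demo():
    """Run listener and client against each other on loopback; return both views."""
    port, thread, seen = start_listener(b"HTTP/1.0 200 OK\r\n\r\nhello\n")
    request = b"GET / HTTP/1.0\r\nHost: 127.0.0.1\r\n\r\n"   # constructed sample
    response = connect_and_send("127.0.0.1", port, request)
    thread.join(timeout=2.0)
    return {
        "port": port,
        "server_saw": seen.get("data"),
        "client_got": response,
        # the listener has exited, so the same port now reads as closed
        "open_after_close": port_is_open("127.0.0.1", port),
    }


if __name__ == "__main__":
    print(demo())
```

The `shutdown(SHUT_WR)` after writing is the detail that matters when scripting netcat-like tools: it signals end of input to the peer while still allowing the reply to be read, which is what `nc` does when its stdin reaches EOF.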
sqlmap is an open-source Python tool that automates detecting and exploiting SQL injection vulnerabilities. It has a powerful detection engine and a large number of testing features covering multiple database management systems.
This penetration-testing tool automates the whole process of finding and exploiting SQL injection flaws and taking over the back-end database servers.
It has a wide range of features, such as fingerprinting the DBMS, dumping users and password hashes from the database, reading and writing files on the compromised database server, and executing operating system commands on it.
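The following added example (not sqlmap's own code) shows the flaw sqlmap hunts for and the two ideas behind what it does: a boolean-based detection probe, where a TRUE and a FALSE condition appended to the parameter change the result only if the input reaches the SQL parser, and a UNION payload that pulls password hashes out through the same vulnerable query. The `users` table, its rows and hashes are constructed sample data in an in-memory SQLite database; `lookup_vulnerable` and `lookup_safe` are hypothetical application functions standing in for a web application's query code.

```python
"""Added example: the SQL injection bug sqlmap detects, its fix, and a
boolean-based probe and UNION dump in the style of what sqlmap automates.
Not sqlmap's code. Table contents are constructed sample data."""
import sqlite3


def setup_db():
    """Constructed sample data: an in-memory users table standing in for the
    back-end database behind a web application."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "password_hash TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password_hash, role) VALUES (?, ?, ?)",
        [("alice", "5f4dcc3b5aa765d61d8327deb882cf99", "admin"),
         ("bob",   "e99a18c428cb38d5f260853678922e03", "user")],
    )
    return conn


def lookup_vulnerable(conn, username):
    """The bug: user input spliced straight into the SQL text (hypothetical app code)."""
    sql = "SELECT username, role FROM users WHERE username = '%s'" % username
    return conn.execute(sql).fetchall()


def lookup_safe(conn, username):
    """The fix: a parameterized query; the value never becomes part of the SQL."""
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


def looks_injectable(lookup, conn, base):
    """Boolean-based blind check: `base` must be a value that returns rows.
    If TRUE-padded input returns the baseline and FALSE-padded input does not,
    our quote and condition were interpreted as SQL."""
    try:
        baseline = lookup(conn, base)
        true_case = lookup(conn, base + "' AND '1'='1")
        false_case = lookup(conn, base + "' AND '1'='2")
    except sqlite3.Error:
        return True   # a syntax error caused by our quote is itself a signal (error-based)
    return true_case == baseline and false_case != baseline


def dump_via_union(conn):
    """Exploitation: a UNION payload reads another column through the same
    two-column query (the kind of extraction `sqlmap --dump` automates)."""
    payload = "nobody' UNION SELECT username, password_hash FROM users--"
    return lookup_vulnerable(conn, payload)


if __name__ == "__main__":
    db = setup_db()
    print("vulnerable injectable:", looks_injectable(lookup_vulnerable, db, "alice"))
    print("safe injectable:      ", looks_injectable(lookup_safe, db, "alice"))
    print("dumped:", dump_via_union(db))
```

The probe deliberately uses a pair of conditions rather than a single quote: many applications swallow errors, so a bare `'` teaches you nothing, while "TRUE behaves like the original, FALSE does not" holds even when nothing is ever echoed back.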
Nmap is open-source software used to discover hosts on a network and identify their open ports and the services behind them.
Nmap is extensible through scripts (the Nmap Scripting Engine) written by its community, which let you tune and adapt scans to network conditions and to the services you find.
Nikto is a web server scanner that runs exhaustive tests against (unsurprisingly) web servers, checking for outdated application versions, problems specific to each version found, and server configuration issues.
It identifies the installed software and checks it against a database of more than 6,400 potentially dangerous files and programs, as well as outdated versions of more than 1,200 servers.
Its checks and plugins are updated frequently and can be pulled automatically, so we do not need to worry about which version of the program we have; we will always have the latest tests available.
Nessus can check both web applications and infrastructure. It includes multiple predefined scan policies, such as malware or compliance scans, lets us scan IP ranges, and has plugins that extend and refine what the scanner checks.
More than 46,000 plugins make up its extensive repertoire, enough to test almost any environment we come across.
Its checks cover authentication, remote access, local access, privilege control and escalation, and analysis of client-server architectures, in addition to an advanced web interface and its own scripting language (NASL) for developing our own plugins.
It was designed mainly for UNIX systems, although today it runs on practically any platform.
Like Metasploit, it started out as open source, but the engine went closed-source in 2005 and the free edition was restricted to home use from 2008.
At the time of writing, a license costs about $1,200 a year. The open-source community, as so often, filled the gap: a group of developers forked the last open-source Nessus release and continue developing it under the name OpenVAS.
Since its first release in 2003 (and the 2.0 rewrite in 2004), Metasploit has revolutionized the world of security.
Its modular model of exploits, payloads, encoders, NOP generators and auxiliary modules, which can be combined freely, has kept Metasploit at the forefront of the most popular security analysis software.
Among its 'extras' we find hundreds of exploits that we can use as they are or edit to create our own. This is far safer than downloading scripts or shellcode from random forums, blogs or websites with no idea what may be hidden inside them.
Metasploit was entirely open source. In 2009 Rapid7 acquired it and commercial editions began to appear, but, as so often in the free-software world, the community still has a free version, the Metasploit Framework, although it lacks the commercial features.
For those interested in buying a license, prices at the time of writing range between $3,000 and $15,000 depending on the features needed.
Wireshark was previously known as Ethereal, until a trademark dispute in 2006 forced the change of name.
It is a great open-source tool that gives us a thorough analysis of our network traffic.
Wireshark has many useful features, such as capturing live traffic from a network interface or analyzing an existing capture file on disk.
It includes a rich display-filter language, as well as the ability to reconstruct a complete TCP session (Follow TCP Stream) from the captured data, so we can trace the browsing that originates from our network.
It supports hundreds of protocols and is available on Windows, Linux and macOS.
Aquatone is a set of tools for discovering and scanning the subdomains of a given domain. Within these tools are:
– aquatone-discover: Identifies the authoritative name servers of the target domain and uses them to discover and resolve its subdomains.
– aquatone-scan: Discovers open HTTP ports on the hosts found by aquatone-discover.
– aquatone-gather: Loads the hosts and ports found in the previous steps, requests each URL and collects the HTTP responses and screenshots.
Aquatone has since been rewritten in Go and its workflow has changed: the current version only performs the HTTP probing and screenshot stage and expects a list of hosts produced by other tools, such as Sublist3r or Subfinder.
If you enjoy learning about different applications, you can also check our list of the most used applications.