How it works

Input/Output validation

Specific application problems

Server configuration mistakes / errors / version

  • Network VA: Tenable Nessus, Rapid7 Nexpose, OpenVAS, Nmap, Amap
  • Web App/Services VA: Acunetix WVS, Nikto, OWASP ZAP, OWASP DirBuster, Burp Suite
  • Network Penetration Test: Rapid7 Metasploit
  • URL Manipulation: Burp Suite, OWASP ZAP, Acunetix WVS, W3af
  • DataBase Security: SQLninja, SQLmap
  • Password guessing: THC Hydra, Nmap
  • Password cracking: John the Ripper