Web Security ToolkitIntroduction to the tools we will be using during the course.

Some Words Of WisdomGood tools are important but your skills and experience is even more.

VeteransNmap (NSE)

Nikto (libwhisker)

Netcat

Wget

Curl

Standard Browsers

ProxiesZap

Burp

Paros

WebScarab

Proxify

BadAssProxy

HelpersDirbuster

Good Dictionaries

Collection Of Useful Scripts

Browser ExtensionsWebsecurify for Chrome and Firefox

Live HTTP Headers

Firebug

Tamper Data

Web Developer

Dev Tools

Commercial ScannersWebsecurify Scanner and Recon

Acunetix

AppScan

WebInspect

Netsparker

Free ScannersWebsecurify Foundation

w3af

Arachni

AppliancesQualys

Nessus

Nexpose

ExploitationCustom Tools

w3af

Metasploit

Continuous IntegrationWebsecurify Cohesion

Fortify

NextWe will be using some of these tools during the course.

Challenges1. Make sure that you have a running UNIX/Linux environment.

2. Install a proxy such as burp, zap, paros, proxify or any other.

3. Get an account on Websecurify Suite to get access to advanced tools.