- Command-line web (and a few other) protocols tool
ASW 231Zed Attack Proxy
- Local proxy to capture, inspect, and manipulate HTTP traffic
ASW 230Fuzz Faster U Fool (ffuf)
- Web fuzzer that turns wordlists and patterns into HTTP requests to find directories, virtual hosts, usernames, and otherwise fuzz parameter names and values.
- Setup network channels to redirect and proxy traffic across many protocols
- Automated scanner to identify and exploitat SQL injection flaws
- Explainshell matches shell commands and their arguments with their help text. It builds an AST of a shell command, maps help text to each command and argument, and displays these relationships in a web page.
ASW 225OWASP Amass
- The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
- The Missing Package Manager for macOS (or Linux) Brew makes it easy to install security tools, programming languagues, and all sorts of utilities that come in handy for appsec. It won't clobber your system's versions of things like Python or Ruby.
- The ultimate framework for your Cyber Security operations "Parrot Security provides a huge arsenal of tools, utilities and libraries that IT and security professionals can use to test and assess the security of their assets in a reliable, compliant and reproducible way. From information gathering to the final report. The Parrot system gets you covered with the most flexible environment."
- A community "dedicated to helping anyone and everyone create secure software."