ASW 233Curl

  • Command-line web (and a few other) protocols tool

ASW 231Zed Attack Proxy

  • Local proxy to capture, inspect, and manipulate HTTP traffic

ASW 230Fuzz Faster U Fool (ffuf)

  • Web fuzzer that turns wordlists and patterns into HTTP requests to find directories, virtual hosts, usernames, and otherwise fuzz parameter names and values.

ASW 228socat

  • Setup network channels to redirect and proxy traffic across many protocols

ASW 227SQLmap

  • Automated scanner to identify and exploitat SQL injection flaws

ASW 226Explainshell

  • Explainshell matches shell commands and their arguments with their help text. It builds an AST of a shell command, maps help text to each command and argument, and displays these relationships in a web page.

ASW 225OWASP Amass

  • The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.

ASW 224Homebrew

  • The Missing Package Manager for macOS (or Linux) Brew makes it easy to install security tools, programming languagues, and all sorts of utilities that come in handy for appsec. It won't clobber your system's versions of things like Python or Ruby.

Parrot Security

  • The ultimate framework for your Cyber Security operations "Parrot Security provides a huge arsenal of tools, utilities and libraries that IT and security professionals can use to test and assess the security of their assets in a reliable, compliant and reproducible way. From information gathering to the final report. The Parrot system gets you covered with the most flexible environment."

We Hack Purple

  • A community "dedicated to helping anyone and everyone create secure software."