RSS 27 projects tagged "Testing"

Download Website Updated 01 Feb 2011 httpforge

Screenshot
Pop 24.04
Vit 34.30

httpforge is a set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions.

Download Website Updated 19 Jun 2008 tmin

Screenshot
Pop 17.78
Vit 1.43

tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.

Download Website Updated 21 May 2008 Bunny the Fuzzer

Screenshot
Pop 41.86
Vit 2.09

Bunny the Fuzzer is a closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. It uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data.

Download Website Updated 18 Jan 2007 TN-GW-Scan

Screenshot
Pop 12.73
Vit 1.00

TN-GW-Scan is a scanner for scanning telnet proxies. It is implemented using FWTK.

Download Website Updated 01 Feb 2010 zzuf

Screenshot
Pop 71.83
Vit 4.35

zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data, which frequently comes from untrusted sources on the Internet. It works by intercepting file and network operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easier to reproduce bugs.

Download Website Updated 15 Aug 2008 OpenSCDP

Screenshot
Pop 38.79
Vit 2.33

OpenSCDP is a collection of smart card application development and testing tools using JavaScript based on Global Platform scripting and profiles technology.

Download Website Updated 20 Jun 2008 RFDUMP

Screenshot
Pop 56.92
Vit 2.41

RFDUMP is a GUI to edit the "User Data Fields" on RFID tags and to test if a tag is protected against reading or writing. It implements a real life cookie on RFID tags. The tags that are supported for reading, writing, and editing are ISO 15693, ISO 14443 A, ISO 14443 B, SR176(1,2), Tag-it®, and I-Code®.

No download Website Updated 18 Dec 2007 Burp suite

Screenshot
Pop 35.89
Vit 1.66

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

No download Website Updated 03 Jun 2005 Network Traffic Manipulation Framework

Screenshot
Pop 18.17
Vit 1.00

NTMF is a C++ framework for developing software that requires the manipulation of packets traversing a system. The main application areas are protocol testing, protocol implementation testing, network emulation, and network monitoring. It has support for link level packet capturing (using libpcap), link level packet injection, and network level packet injection for IPv4 packets (using lipnet). It supports multi-threaded execution, provides thread-safe packet queues, and provides a dynamic Finite State Machine representation.

Download Website Updated 15 Jun 2006 TRIPP

Screenshot
Pop 46.58
Vit 1.51

TRIPP is a utility to rewrite incoming and outgoing IP packets. Since it can rewrite both headers and payload, it can be used to configure the TCP/IP stack behavior in order to perform various tasks mainly intended for network tests, simulations, and development. It is configured via a small rule-based language, which allows the user to intercept packets, set arbitrary header values, increment or decrement numeric header fields, set an arbitrary payload, rewrite parts of the payload, or fragment, delay, multiply, or drop packets. It is totally user-level and doesn't require a kernel module.

Screenshot

Project Spotlight

OWASP Zed Attack Proxy

An easy-to-use integrated penetration testing tool for finding vulnerabilities in Web applications.

Screenshot

Project Spotlight

Univention Corporate Client

A flexible and manageable operating system for PCs, notebooks, and thin clients.