ADAPT is a tool that performs automated Penetration Testing for WebApps.
- GitHub: https://github.com/secdec/adapt
* OTG-IDENT-004 - Account Enumeration
* OTG-AUTHN-001 - Testing for Credentials Transported over an Encrypted Channel
* OTG-AUTHN-002 - Default Credentials
* OTG-AUTHN-003 - Testing for Weak lock out mechanism
* OTG-AUTHZ-001 - Directory Traversal
* OTG-CONFIG-002 - Test Application Platform Configuration
* OTG-CONFIG-006 - Test HTTP Methods
* OTG-CRYPST-001 - Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection
* OTG-CRYPST-002 - Testing for Padding Oracle
* OTG-ERR-001 - Testing for Error Code
* OTG-ERR-002 - Testing for Stack Traces
* OTG-INFO-002 - Fingerprinting the Webserver
* OTG-INPVAL-001 - Testing for Reflected Cross site scripting
* OTG-INPVAL-002 - Testing for Stored Cross site scripting
* OTG-INPVAL-003 - HTTP Verb Tampering
* OTG-SESS-001 - Testing for Session Management Schema
* OTG-SESS-002 - Cookie Attributes
Project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines.
- Adobe Experience Manager (AEM) hacker toolset: https://github.com/0ang3el/aem-hacker