Web Exploitation

  • FuzzDB - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  • Offensive Web Testing Framework (OWTF) - Python-based framework for pentesting Web applications based on the OWASP Testing Guide.
  • Raccoon - High-performance offensive security tool for reconnaissance and vulnerability scanning.
  • WPSploit - Exploit WordPress-powered websites with Metasploit.
  • autochrome - Chrome browser profile preconfigured with appropriate settings needed for web application testing.
  • badtouch - Scriptable network authentication cracker.
  • sslstrip2 - SSLStrip version to defeat HSTS.
  • sslstrip - Demonstration of HTTPS stripping attacks.