Pen-testing tools

From miki
Revision as of 17:10, 21 March 2014 by Mip

Proxies

OWASP Zed Attack Proxy Project (ZAP)

A powerful intercepting proxy that can, for example, easily intercept HTTPS requests and mount MITM attacks.

In Firefox, install the Plug-n-Hack plugin (go to http://localhost:8080/pnh/). Control the plugin and ZAP via the Firefox Developer Toolbar (Shift+F2):

help pnh
help zap

Troubleshooting

  • On Ubuntu, disable the network proxy in the GNOME settings. It seems to interfere with ZAP.