Watir is an automated test tool which uses the Ruby scripting language to drive the Internet Explorer web browser. Watir is a toolkit for automated tests to be developed and run against a web browser.
Srinath Anantharaju, a member of Google’s Security Team posted in Google’s Security Blog the availability of “Lemon” , a new web application security fuzzerdeveloped by Google.
PIRANA is a SMTP fuzzing and bruteforce exploitation framework that tests the security of a SMTP content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the SMTP server
another web testing tool called FunkLoad. This python application can be used for functional and regression testing of web applications.
WebLOAD stress and load testing tool has been released by Radware as open source. The Commercial-Grade Open Source Load Testing Solution from RadView. Load-test any Internet Application, including applications that use Web 2.0 & AJAX.
It’s about storing unique MD5 hashes in the title of numerous pages spidered by Google . You may call it an implementation of an hash search engine using Google.
I read today about a new tool for web brute forcing : DirBuster. It is a multi threaded java application designed to brute force directories and files names on web/application servers.
Federico Biancuzzi has published an interview at The Register about a new algorithm to crack WEP keys. The main gain of this new attack is the relatively small number of packets needed in order to crack the key
I bet you never knew that one reliable resource of dictionary based password attacks is the US Census bureau.
A Security Fuzzer is a tool designed to provide random data (fuzzing testing) to an application’s parameters. In the context of web application testing, fuzzing means testing especially for buffer overflow, parameter format check, various encoding and error handling.