Complete XSS reversing/scanner tool. Find how a site is filtering code, check for injections and inspect objects.
XSS Rays is a security tool to help pen test large web sites. It’s core features include a XSS scanner, XSS Reverser and
object inspection. Need to know how a certain page filters output? Don’t have the source? No problem. XSS Rays will
blackbox reverse a XSS filter without needing the source code.
Google Hack Data Base
Google Hack Data Base – application to work with GHDB. Choose a category and click on the necessary query. To find description vulnerability, click “Search on www.exploit-db.com”. Application provides possibility to search vulnerabilities on the specified site. Just click on the search button and enter the site name. This application allows a better understanding of the basis web security.
Websecurify is an advanced testing solution built to quickly and accurately identify web application security issues.Websecurify saves you time and money by automating a tiresome and very technical process used by experts to find scary security vulnerabilities.
HTTP Parameter Pollution (HPP) is a recently discovered web exploitation technique. Please read the NDSS 2010 paper for more details about the technique. HPP Finder is a Chrome extension designed for detecting HPP attempts. HPP Finder can detect URLs and HTML forms that might be susceptible of parameter pollution, but it is not a complete solution against HPP.
HTML form fuzz tester. 用于做HTML表单的FUZZ
This is a fuzz testing, utility created to assist in populating web forms with some random data.
Website Crawler 网站爬虫
Use this extension to spider a website looking for dead links. One can restrict the spidering to a directory, a domain, or any other regular expression. The spider can also follow one link beyond this restriction, allowing one to find broken external links.
Chrome Extension Exploitation Framework一个基于Chrome渗透测试框架，你可以理解成BeEF的chrome版
This is a Chrome Extension Exploitation Framework – think BeEF for Chrome extensions. Whenever you encounter a XSS vulnerability in Chrome extension, ChEF will ease the exploitation.