Introduction

Introduction

Most of the information provided in this book
up to this point has been manual, step-by-step procedures for finding
vulnerabilities in Web applications and fixing them. However, many automated
tools can perform nearly the same functions, at ten times the speed and a
hundredth of the headache.

We've already discussed (or mentioned in
passing) a few of these tools in previous chapters. In this chapter we cover
some tools that we may not have covered (or covered fully) in the earlier
chapters but that are important nonetheless.

lang=EN-GB style='font-size:10.0pt;font-family:Symbol'>�        
Netcat,lang=EN-GB> written by Hobbit�the Swiss Army knife of hacking.

lang=EN-GB style='font-size:10.0pt;font-family:Symbol'>�        
Whisker,lang=EN-GB> written by Rain Forest Puppy (style='color:#003399'>http://www.wiretrip.net/rfp)�one
of the first complete Web checking tools.

lang=EN-GB style='font-size:10.0pt;font-family:Symbol'>�        
Brutus,lang=EN-GB> written by the folks at HooBie Inc. (style='color:#003399'>http://www.hoobie.net/brutus/)�one
of the most robust Web authentication brute forcers.

lang=EN-GB style='font-size:10.0pt;font-family:Symbol'>�        
Achilles,lang=EN-GB> written by Roberto Cardona (style='color:#003399'>http://www.digizen-security.comlang=EN-GB>)�one of the first usable HTTP proxy servers to insert commands in
the HTTP stream dynamically.

lang=EN-GB style='font-size:10.0pt;font-family:Symbol'>�        
Cookie Pal,lang=EN-GB> written by Kookaburra Software (style='color:#003399'>http://www.kburra.com/)�one
of the best programs for monitoring the cookies being created/deleted on a
system.

lang=EN-GB style='font-size:10.0pt;font-family:Symbol'>�        
Teleport Pro,lang=EN-GB> written by Tennyson Maxwell Information Systems, Inc. (http://www.tenmax.com)�performs automated
and scheduled crawling and inventorying of Web servers.