  • Faraday

Faraday’s pentest environment, which recently ranked #6 on the top security tools list by ToolsWatch.org, offers a new way to perform pentesting – in an IDE. The tool is built for the analysis, indexation and distribution of the data.


Get Faraday’s pentest environment here.


  • IronWASP

IronWASP is a web app security scanning system with a bundle of other security modules integrated. It detects over 25 common vulnerabilities and lets you add custom scanning tools for your own security testing needs. Its simplicity makes it a great tool for beginners as well.


Download IronWASP here.


  • Drozer

Android apps are becoming more mainstream in organizations, and more organizations are building Android apps. Security is a major concern when it comes to the Android platform, and Drozer can help mobile ethical hackers find the weak spots in Android apps.


Read more about Drozer and download the tool here.


  • Clutch

While Android apps are notoriously vulnerability-ridden, their Apple counterparts have enough issues of their own. Use Clutch to decrypt iOS apps and see if any security vulnerabilities exist.


See this post from Digital Forensics Tips for a handy guide on using Clutch to decrypt iOS apps, and get Clutch here.


  • BeEF (The Browser Exploitation Framework)

A pentest tool designed specifically for web browser vulnerabilities, including those within mobile environments, BeEF was created to assess target environments using client-side attack vectors.


Download BeEF here, and read more on the GitHub Wiki here.
