Description:
Pentest-Tools.com is a collection of ethical
hacking tools for penetration testers and network
auditors who need to check the security of
networks, public servers, websites or people.
Tools they provide:
Google Hacking:
Find Subdomains
Whois Lookup
DNS Lookup
DNS Zone Transfer
Discovery&Probing:
Ping sweep
TCP port scan
UDP port scan
Web tools:
URL Fuzzer
XSS Server
Web proxy
Internet Banking:
Xchg Rate Improver
Their blog: Don't have much to offer. Just two posts:
- Network Fingerprinting Using Online Tools
- Real-life exploitation of XSS vulnerabilities
They provide pentesting services too (which is not free):
Even though automated tools can discover a high
number of vulnerabilities, there are some
problems that cannot be discovered
automatically. Human inspection is necessary to
find subtle problems like application logic flaws,
users escalating their privileges, unauthorized
access to sensitive data, authentication bypass
and others. This type of problems are usually
rated with the highest risk and are highly
probable to affect your business.
They do:
- Web application pentesting
- Mobile application pentesting
- Infrastructure pentesting