Tools for Web Application Pentesting

General Tools for Web Pentesting

Burp Suite
OWASP ZAP
Nikto
FFUF / Gobuster

Browser Extensions

Wappalyzer
HTTP Header Live
HackTools

Specialized Tools

Responder (for File Inclusion and NTLM Hash Extraction)
AWS-Specific Tools

Web Tools

Wayback Machine (https://web.archive.org/)

PreviousImportant HTTP Security Headers (e.g., CSP, HSTS, X-Frame-Options)NextMethods and Techniques

Last updated 6 months ago