Who Called The Fuzz
#urlFuzz #theFuzz #Fuzzer #vulnerabilityScans #toolBox //
…testing …testing …testing in progress. Testing this one out as we speak (well, when I wrote this post and of course, when you read it. Let’s hope we are in the same year (might as well be totally separate but you get the point)… We are looking for ways to protect our investments online and pentests/vulnerability scanning tools might just be the ticket.
We have two running now, one from Pentest-Tools and the other Scantrics.io (nothing so far, these have been running for a few mins now, which may or may not be a good sign or way to predict the outcome. We will ultimately go through a few more, including Selenium, LoadRunner, JMeter, QTP, HTML/JS/PHP (PHP Unit) Validators, Guru99 a few others… but let’s start here.
We are using free tools below, so, keep this in mind when looking through the results once compiled and reported (said service provider). Additionally, free-premium tools don’t usually present the full picture, grain of salt; use multiple tools or pay the premium price… We like to use multiples, a mixture of free-premium services and validators.
URLFuzzer nill, good to test the lite version…
Scantrics nill, good to test lite version…
Don’t forget to run your web entities through the toolbox, Toolbox – Google Admin