5 TOOLS FOR BUG HUNTERS IN KALI LINUX
1. Brupsuit:
Burp Suite is an integrated security-testing platform for web applications that gives hunters what they need to get the job done. It allows you to perform scans on everything you want from full crawls to individual URLs and covers over 100 generic vulnerabilities. Burp Suite also supports many kinds of attaching insertion points and nested insertion points. At the end of the day, Burp Suite offers a clear and comprehensive presentation of vulnerabilities and it is a paid tool
2. Vulnerability-Lab:
Vulnerability-Lab is a project that provides vulnerability research, vulnerability assessments and bug bounties. Among some of the most useful aspects are the web application vulnerabilities and website vulnerabilities. This would definitely be one of the first resources I would consult when beginning a bug bounty hunt.
3. Google Dorks
Google Dorks is a solid go-to to use when searching for hidden data and access pages on websites. This tool relies in part on the part of the website indexing power of Google and this volume of data is useful for bug bounty hunters. Google Dorks also does a good job with network mapping and can assist in finding subdomains.
4. Wapiti
Wapiti is a command-line application tool that allows bug bounty hunters to know the security of websites and web applications. Operationally, Wapiti crawls web applications with black-box scans and looks for points where it can inject code. When Wapiti finds a list of forms, form inputs, and URLs, it behaves like a fuzzier by injecting payloads to check for script vulnerability. Some notable features include:
- Server-side request forgery
- Reflected and permanent XSS injection
- ShellShock
- Includes a buster module that allows for brute-forcing filenames and directories on a target webserver
- POST HTTP and GET attack methods are supported
- The scan process includes an option to set maximum scan time
5. INalyzer
Not to be left out, mobile applications are definitely a contemporary area of interest for bug bounty hunters. One of the best among them is INalyzer for the iOS platform. Hosted by App Sec Labs, INalyzer makes manipulation of iOS applications a breeze. Tampering with methods and parameters is available and INalyzer can target closed applications, which means that your black-box project can now be considered gray-box. For more information on INalyzer, click here.
.png)
0 Comments