Alternative tools to perform the example attacks from our Intro to AppSec course
The example brute force attacks in the Intro to AppSec course were carried out with a tool called Hydra, while the SQL injections were carried out manually and with SQLMap, and finally, the XSS attacks were performed manually.
There are other available tools to gather information and to prod defenses. Two popular ones are:
- OWASP ZAP
- Burp Suite
Here’s a tutorial from a Cybr student, @sechvn , on how to install and configure Burp Suite in minutes for pentesting.
Here’s more information on OWASP ZAP.
Sorry, there were no replies found.