Penetration Test - Selecting_Pen_Testing_Tools(5)

Code cracking tools

Debuggers
Tool Notes URL
OLLYDBG Windows 32-bit http://www.ollydbg.de/
Immunity debugger Write exploits, analyze malware, and reverse engineer binary files https://www.immunityinc.com/products/debugger/
GDB GNU project debugger https://www.gun.org/software/gdb/
WinDBG Windows debugger https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-download-tools
IDA Cross platform debugger https://www.hex-rays.com/products/ida/
Software Assurance Tools
Tool Notes URL
Findbugs/findsecbugs Auditor of Java web application https://find-sec-bugs.github.io
Peach Fuzzer - automated testing https://www.peach.tech/products/peach-fuzzer/
AFL American Fuzzy Lop - fuzzer https://lcamtuf.coredump.cx/afl/
SonarQube Continuous inspection - automated testing https://www.sonarqube.org/
YASCA Yet Another Source Code Analyzer https://github.com/scovetta/yasca
QUICK REVIEW
  • Debuggers are advanced tools and can reveal how a program works.
  • Debuggers can also allow testers to modify data as the program is running
  • Software assurance tools can help to identify vulnerabilities in applications
上一篇:useful website


下一篇:vim编辑文件时[O]pen Read-Only, (E)dit anyway, (R)ecover, (D)elete it, (Q)uit, (A)bort: