There are several penetration testing tools in the market, some are available as open-source tools. Tools like the Metasploit framework are simple and more popular. It has lots of features, it is easy to use. It is also available as a web version called Armitage. This tool can be used for network scanning, host discovery, exploitation, and managing the exploited software. A feature of this tool is that you could chain exploits together in one command. In previous versions, it was possible to send encrypted files which the victim will download and install before the real payload gets executed. Once the victim installs the application, a backdoor shell is established through port 443. Some resources that will come in handy when doing web application assessment are the OWASP testing guide, Securityheaders.io, and Acunetix. |
:: 
:: 
:: 
:: 
