Here's a handy list of security testing tools for software testers that you might find useful.
- Bug Magnet — Convenient access to common problematic values and edge cases.
- D3coder — Encoding/Decoding Plugin for various types of encoding like base64, rot13 or Unix timestamp conversion.
- Edit This Cookie (Chrome Only) — EditThisCookie is a cookie manager. You can add, delete, edit, search, protect and block cookies!
- FoxyProxy — FoxyProxy simplifies configuring browsers to access proxy-servers, offering more features than other proxy-plugins.
- OWASP — The free and open software security community.
- Process Monitor v3.31 (Win only) — Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity.
- Splashdata — The company's secure password and record management solution.
- SQL Map — SQL injection tool.
- Sysops /Coverity — Suite of programs designed around Security Testing.
- Ratproxy — Security Audit Tool.
- Site Spider — Index an entire site.
- Tamper Data (FF only) — Use Tamper Data to view and modify HTTP/HTTPS headers and post parameters.
- W3AF — SQL injection tool.
- Zed Attack Proxy Project — It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications.
More to add?
Are there any resources we’ve missed? Do you know of any great security testing tools we should add to this list? Share your findings on The Club and we’ll review it to be added to this list.