软件安全测试辅助工具列表【持续收集中】

1、PageSpy

http://www.sembel.net/

PageSpy: Easy way to show source, analyze forms, query, cookie and more!

If you are a web developer, a web designer or a tester, you need PageSpy! PageSpy is an invaluable tool that will help you save precious time writing and debugging web pages. It can also help you understand the structure and function of existing pages on the web.

2、Firebug

Firebug integrates with Firefox to put a wealth of development tools at your fingertips while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page...

3、Dutch Duck

Microsoft Internet Explorer is a great browser-except when you want to look at your history, favorites, cookies or cache. Ever tried to print your history? Delete your visits to Amazon.com? Store your favorites in a spreadsheet?

With Dutch Duck IE History Viewer you can
- Show your Microsoft Internet Explorer history in a table--and quickly find the items you want
- Delete individual history items--no need to wipe your entire history
- Print your history--or store it in a file
- Also works for your favorites, cookies and cache!

4、Hamster

07年黒帽黑客大会上，现场应用的是Wi-Fi无线网络，Robert Graham发布了一个工具，叫做“Hamster”，配合Ferret工具抓无线网络中的数据包，在抓到其他人登录Gmail或者其它邮箱的cookie之后，用Hamster方便的进行cookie欺骗。这种攻击方法被作者叫做“sidejacking”。
Hamster下载：
http://hamster.erratasec.com/
帮助文档：
http://hamster.erratasec.com/help/index.html

5、ssclone

ssclone 可以复制同一交换机下任意http session 例如 blog,bbs,mail,webadmin

xcon,blackhat,redhat,whitehat~~~ 各种武林大会专用