ADAPT – Tool That Performs Automated Penetration Testing For WebApps

ADAPT is a tool developed to perform automated penetration testing of web applications, making things easier for pentesters.
The tool is designed to extend accuracy, speed and also give you confidence in your penetration testing efforts.
This tool automatically checks for a number of standard OWASP Top 10 vulnerabilities and outputs findings categorized by potential vulnerability.
ADAPT also uses OWASP ZAP to carry out automated passive and active scans and auto-spidering. Because the tool is flexible, all of these options and features can be enabled or disabled from the configuration file.
For more in-depth details on the configuration and features, see the ADAPT wiki page.

How Does the ADAPT Tool Work?

ADAPT uses Python to automate standard tools of the trade, such as OWASP ZAP and Nmap, to carry out repeatable, well-designed procedures with anticipated outcomes and to create easy-to-understand reports listing the vulnerabilities detected within the web application you are testing.
Automated Tests
* OTG-IDENT-004 - Account Enumeration
* OTG-AUTHN-001 - Testing for Credentials Transported over an Encrypted Channel
* OTG-AUTHN-002 - Default Credentials
* OTG-AUTHN-003 - Testing for Weak Lock Out Mechanism
* OTG-AUTHZ-001 - Directory Traversal
* OTG-CONFIG-002 - Test Application Platform Configuration
* OTG-CONFIG-006 - Test HTTP Methods
* OTG-CRYPST-001 - Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection
* OTG-CRYPST-002 - Testing for Padding Oracle
* OTG-ERR-001 - Testing for Error Code
* OTG-ERR-002 - Testing for Stack Traces
* OTG-INFO-002 - Fingerprinting the Webserver
* OTG-INPVAL-001 - Testing for Reflected Cross Site Scripting
* OTG-INPVAL-002 - Testing for Stored Cross Site Scripting
* OTG-INPVAL-003 - HTTP Verb Tampering
* OTG-SESS-001 - Testing for Session Management Schema
* OTG-SESS-002 - Cookie Attributes
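
To make one of the listed checks concrete, here is an added example (not ADAPT's own code) of how a test in the spirit of OTG-SESS-002, Cookie Attributes, can be written in Python. The function names and the sample `Set-Cookie` values are constructed for illustration.

```python
# Added illustration of an OTG-SESS-002 style check; not taken from ADAPT.

def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, {lowercased attribute: value})."""
    first, *rest = header_value.split(";")
    name = first.split("=", 1)[0].strip()
    attrs = {}
    for part in rest:
        key, _, val = part.strip().partition("=")
        if key:
            attrs[key.lower()] = val.strip()
    return name, attrs

def audit_cookie(header_value):
    """Return (cookie name, list of attribute findings) for one Set-Cookie value."""
    name, attrs = parse_set_cookie(header_value)
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")
    samesite = attrs.get("samesite", "").lower()
    if samesite not in ("strict", "lax", "none"):
        findings.append("missing or invalid SameSite")
    elif samesite == "none" and "secure" not in attrs:
        findings.append("SameSite=None without Secure")
    if name.startswith("__Host-"):
        # The __Host- prefix requires Secure, Path=/ and no Domain attribute.
        if "secure" not in attrs or attrs.get("path") != "/" or "domain" in attrs:
            findings.append("__Host- prefix requirements not met")
    elif name.startswith("__Secure-") and "secure" not in attrs:
        findings.append("__Secure- prefix without Secure")
    return name, findings

def audit_headers(headers):
    """Map cookie name -> findings, keeping only cookies with at least one finding."""
    return {name: f for name, f in map(audit_cookie, headers) if f}

# Constructed sample Set-Cookie values (not captured from a real application).
SAMPLE_HEADERS = [
    "SESSIONID=3f9a; Path=/; HttpOnly",
    "__Host-sid=9c1e; Path=/; Secure; HttpOnly; SameSite=Strict",
    "tracking=1; Domain=example.test; SameSite=None",
    "__Host-pref=dark; Path=/app; Secure; HttpOnly; SameSite=Lax",
]

if __name__ == "__main__":
    for name, findings in audit_headers(SAMPLE_HEADERS).items():
        print(f"{name}: {', '.join(findings)}")
```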
Installing The Plugin
