ADAPT is a tool which is developed to perform automated penetration testing job for web applications making things easy for pentesters…
The tool is designed to extend accuracy, speed and also give you confidence in your Penetration testing efforts..
This tools will automatically check for a number of standard OWASP Top 10 Vulnerabilities, and gives out outputs and findings which are categorized based on most of the potential Vulnerabilities.
ADAPT also uses the the performance from OWASP ZAP to carry out automated passive and active scans and auto-spidering. Due to the malleable nature of this tool, all these options and features can be enabled or disabled from the configuration file…
For more in-depth details on the configuration and features, please do check the the ADAPT wiki page.
How Does ADAPT Tool Works?
* OTG-IDENT-004 – Account Enumeration * OTG-AUTHN-001 - Testing for Credentials Transported over an Encrypted Channel * OTG-AUTHN-002 – Default Credentials * OTG-AUTHN-003 - Testing for Weak lock out mechanism * OTG-AUTHZ-001 – Directory Traversal * OTG-CONFIG-002 - Test Application Platform Configuration * OTG-CONFIG-006 – Test HTTP Methods * OTG-CRYPST-001 - Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection * OTG-CRYPST-002 - Testing for Padding Oracle * OTG-ERR-001 - Testing for Error Code * OTG-ERR-002 – Testing for Stack Traces * OTG-INFO-002 – Fingerprinting the Webserver * OTG-INPVAL-001 - Testing for Reflected Cross website scripting * OTG-INPVAL-002 - Testing for Stored Cross website scripting * OTG-INPVAL-003 – HTTP Verb Tampering * OTG-SESS-001 - Testing for Session Management Schema * OTG-SESS-002 – Cookie Attributes