Web application tools

In this section, we will discuss several tools that can be used to test web applications.


Golismero is an open source framework for web testing. It is written in the Python language. The interesting features of Golismero are listed as follows:

  • It collects and unifies the results from well-known tools such as sqlmap, xsser, openvas, dnsrecon, and theharvester
  • It integrates with CWE, CVE, and OWASP

Golismero, which is included with Kali Linux, is an old version and doesn't have features for testing the security of web applications.

You can download the latest version at https://github.com/golismero/golismero/archive/master.zip.

Then, extract the zip file. As a start, you can type the following command to display the Golismero ...

Get Kali Linux – Assuring Security by Penetration Testing now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.