Web-related tools

A1 Website Analyzer
Microsys produced tool for analysing websites and checking links. Response times, HTML and validation, track file sizes, optimize internal page link and search engine rankings.
Acunetix Web Vulnerability Scanner
Security testing application based on crawling web sites. It selects servers from a particular IP or IP range. The site is crawled accumulating information about every file and displaying the site structure. An automatic audit is performed covering common security issues. Technologies such as CGI, PHP, ASP, ASP.NET are tested for vulnerabilities. Areas covered are cross-site scripting, CRLF injection, code execution, directory traversal. MSIE and Windows required.
AppMonitor
Monitoring service based on a transactional aplication. The software creates web transaction simulations. Customer logins, purchase orde fulfillment can be conducteed up to every five minutes for application availability and performance. Vendor is Webmetrics. Full-page download of all page objects, breakdown of DNS, first byte and transfer times at various baud rates, alerting, performance reporting and benchmark comparisons are all included in the service.
AppScan
Rational/IBM suite which automates web application security testing. Outputs include defect analysis and recommending remedying security flaws. Audiors and compliance officers can use the application to validate compliance with security requirements.
Atomic Watch
Web monitoring software. The application executes tests as a background process when installed on a server. Strings can be checked for on a webpage or form. Notification is by the usual methods, email, sound alarm or URL.
Avignon Acceptance Testing System
Test scripting tool for the acceptance phase. The user can define the language to be used. XML is used as the definition, however the language can be extended to alllow the semantics to be user defined. Testing web applications through IE or FireFox, Swing and .NET WinForm applications are available.
CERIAS Security Archive
A website for all things security-related. Links organized by subject, intrusion detection resources and tools.. An FTP site is available with utilities, scanners and detection tools. Acronym for 'Center for Education and Research in Information Assurance and Security' and hosted at Purdue University
Core Impact Pro
Web application security testing tool from Core Security Technologies. Penetration testing techniques are used to identify vulnerabilitie from emerging threats and trace attack paths even if very complex.
GeoViz
A commercial off-the-shelf, WebCentric GeoSpatial CollaborationTM tool suite that provides 2-D, 3-D and 4-D views of geographic areas of interest to military, security, safety and disaster management officials. The GeoViz tool suite provides a unique SOA-based, mission-oriented framework for allowing users and/or groups of users to compose their own specific mission (or user) defined operational picture (MDOP or UDOP) for subsequent collaboration and mission execution.
HP Assessment Management Platform software
HP Assessment Management Platform software is a distributed, scalable, web application security testing platform that helps your organization address the complexities of today’s web application security testing and scanning programs. Part of HP's HP Application Security Center
HP QAInspect software
The HP QAInspect works from the HP Quality Center interface for ease of use when performing website security testing. Part of HP's HP Application Security Center
HP Quality Center software
HP Quality Center software - an integrated, web-based application for software requirements, test and defect management. Part of HP's HP Quality Center
HP Real User Monitor software
Organizations can get complete visibility into the experience and behavior of every user, from every location, for critical web applications using HP Real User Monitor. Part of HP's HP Business Availability Center
HP WebInspect software
HP WebInspect web application security testing and assessment software enables you to thoroughly analyze today's complex web applications built on emerging Web 2.0 technologies – delivering fast scanning capabilities, broad security assessment coverage and accurate security scanning results. Part of HP's HP Application Security Center
Instant Test Site
Gomez service lets anyone instantly test the response time of their website or web application from up to ten international testing nodes without having to download or install any software or create any scripts. Simply visit www.gomez.com/testyoursite, enter the URL to be tested, select a node and within seconds the site returns a comprehensive performance report revealing the load speed of each object on the page. This granular detail helps businesses establish a performance baseline and prioritize troubleshooting by rapidly identifying the root cause of issues such as missing images, erroneous third party content, or ISP bottlenecks. The service can be used to conduct multiple tests of the same URL to compare results over time or from different locations around the world.
PocketSOAP
GUI-based packet capture tool. Packet data is captured and displayed between local client and web server. Captures can be saved to disk. Available for Windows, binaries and source. PocketXML-RPC and PocketHTTP also available.