[Hardanger] Web Application Penetration Testing Platform

Hardanger is an Open Source web application penetration testing tool led by security researchers from SecurityWire. The project aims to bridge the gap between current open source web application testing tools commonly used in a Linux environment and bring the same level of tools to native Windows based platforms. Hardanger aims to deliver a user friendly experience for semi-automated web application penetration testing by building tools on top of the excellent Fiddler2 web debugger.

The project deliverable is a Fiddler2 (http://www.fiddler2.com) add-on dll written in C# that is easily installed using a .msi installer and a standalone application is also be available for users that do not want the integrated Fiddler2 experience. Hardanger has been architected so it can be easily expanded to add other functionality. The first version only includes a simple HTTP(S) GET and POST parameter fuzzer but will has built a foundation where it is trivial to plug in additional fuzzers and detection engines as well as other features. Once server fuzzing is perfected and state of the art, this project will continue to add new features such as a web browser fuzzer, brute force tool, manual tampering, crawler, passive vulnerability detection, recon tools, etc.

Current Features

Native Windows feel via Windows Presentation Foundation
Can run as a Fiddler2 add-on or standalone
ClickOnce installer with automatic updates (standalone version)
Context tab allowing inspection of full HTTP requests
Server fuzzer tab to configure and launch the server fuzzer
Basic random fuzzer generates random strings of UTF8 characters of random lengths
Non HTTP 200 detection engine
Results window keeping track of successful detections
Ability to review requests/responses in the results details window

Download Hardanger

KitPloit - PenTest & Hacking Tools

[Hardanger] Web Application Penetration Testing Platform

Follow us!

Popular

Blog Archive

Recommended

Social