Open-source environment for exploitation code development, testing, and execution. Has extensible integration of payloads, encoders, no-op generators, and exploits. It also downloads with hundreds of ready-made exploits.
Java based web proxy. Assesses web application vulnerability. Supports editing/viewing HTTP/HTTPS messages on-the-fly to change items such as cookies and form fields. Does web traffic recording and web spiders. Scans for web application attacks like SQL injection and cross-site scripting.