I would like to test a IPS/IDS/WAF.
To do this I need some tools to generate some sql injection, XSS Attacks, Others Windows/Linux Exploits
For XSS , I use Xsser to generate about 90 xss attacks and I count the number of attacks that the WAF match. I can use also evasion with xsser to be sure it detects also theses attacks.
I need a tool to generate sql injection attacks , or another xss with more attacks ( like grabber?)
Can you tell me which tools can i use to do theses attacks automatization?
The goal is not to test a web application but to test the Purcentage of detection attacks with this ips/ids/waf.
Thanks for your feedback