Web Application Vulnerability Scanner – WebVulScan

Posted: July 29, 2012 in hacks
Tags: , ,
It is written in PHP and is nice tool to test and identify security holes in web applications. It is good for remote and local security vulnerabilities. When scanning is in process, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found.

After the scanning, it also sends the full scanning report to user via email. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited.

This tool supports

  1. Reflected Cross-Site Scripting
  2. Stored Cross-Site Scripting
  3. Standard SQL Injection
  4. Broken Authentication using SQL Injection
  5. Autocomplete Enabled on Password Fields
  6. Potentially Insecure Direct Object References
  7. Directory Listing Enabled
  8. HTTP Banner Disclosure
  9. SSL Certificate not Trusted
  10. Unvalidated Redirects

Main Features:

  1. Crawler: Crawls a website to identify and display all URLs belonging to the website.
  2. Scanner: Crawls a website and scans all URLs found for vulnerabilities.
  3. Scan History: Allows a user to view or download PDF reports of previous scans that they performed.
  4. Register: Allows a user to register with the web application.
  5. Login: Allows a user to login to the web application.
  6. Options: Allows a user to select which vulnerabilities they wish to test for (all are enabled by default).
  7. PDF Generation: Dynamically generates a detailed PDF report.
  8. Report Delivery: The PDF report is emailed to the user as an attachment.
Download Here:
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s