10 January 2012

[Tool] Arachni - Web Application Security Scanner Framework written in Ruby


Bài viết liên quan:

Arachni is a high-performance (Open Source) Web Application Security Scanner Framework written in Ruby.

This version includes lots of goodies, including:

A new light-weight RPC implementation (No more XMLRPC)
High Performance Grid (HPG) — Combines the resources of multiple nodes for lightning-fast scans
Updated WebUI to provide access to HPG features and context-sensitive help
Accuracy improvements and bugfixes for the XSS, SQL Injection and Path Traversal modules
New report formats (JSON, Marshal, YAML)
Cygwin package for Windows
New plugins
ReScan — It uses the AFR report of a previous scan to extract the sitemap in order to avoid a redundant crawl.
BeepNotify — Beeps when the scan finishes.
LibNotify — Uses the libnotify library to send notifications for each discovered issue and a summary at the end of the scan.
EmailNotify — Sends a notification (and optionally a report) over SMTP at the end of the scan.
Manual verification — Flags issues that require manual verification as untrusted in order to reduce the signal-to-noise ratio.
Resolver — Resolves vulnerable hostnames to IP addresses.
IF you want a slightly more detailed description of what’s changed you can check here, or view the ChangeLog.

You can download Arachni v0.4 here:

Windows – arachni-v0.4-cygwin.exe


Source: http://www.darknet.org.uk

0 comments:

Post a Comment

Để lại góp ý của bạn để blog của mình hoàn thiện hơn :))