Arachni Web Vulnerability Scanner

Archni è un altro scanner atto ad identificare problemi di sicurezza in siti web :)

Come W3AF possiede una interfaccia da linea di comando oppure una interfaccia web.

Dal sito ufficiale:

Arachni uses various techniques to compensate for the widely heterogeneous environment of web applications.

This includes a combination of widely deployed techniques (taint-analysis, fuzzing, differential analysis, timing/delay attacks) along with novel technologies (rDiff analysis, modular meta-analysis) developed specifically for the framework.
This allows the system to make highly informed decisions using a variety of different inputs; a process which diminishes false positives and even uses them to provide human-like insights into the inner workings of web applications.

Io ho provato questo scanner per ora preferisco come velocità w3af, comunque arachni è uno scanner molto ampio e in continua crescita.
Preferisco di gran lunga l’interfaccia web di arachni poichè non si inchioda a differenza della gui di w3af :)
E’ un bel progetto ed è appena uscita la versione 0.4 :)

 

Download ARACHNI https://github.com/Zapotek/arachni .
WIKI https://github.com/Zapotek/arachni/wiki
SIMPLE VIDEO http://vimeo.com/19928281

Buon divertimento :D

Related posts:

1. UniScan:Web Vulnerability Scanner in Perl
2. OWASP Joomla Vulnerability Scanner
3. [tutorial]Tool for Vulnerability Identification level WEB
4. WPScan: Another WordPress Security/Vulnerability Scanner
5. [beta1]ClsHack Scanner: PHP _GET/_POST/_COOKIE VAR LOCATE

This entry was posted on Saturday, January 7th, 2012 at 12:13 pm and is filed under GNU/Linux, Hacking, Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Tagged with: php • scanner • vulnerability • web