Web安全扫描工具 WebCruiser
WebCruiser - Web Vulnerability Scanner V1.2.1.0206
运行平台:Windows with .Net FrameWork 2.0或以上。
界面语言:英文版
功能简介:
* 网站爬虫(目录及文件);
* 漏洞扫描(SQL注入,跨站脚本);
* 漏洞验证(SQL注入,跨站脚本);
* SQL Server明文/字段回显/盲注;
* MySQL字段回显/盲注;
* Oracle字段回显/盲注;
* DB2字段回显/盲注;
* Access字段回显/盲注;
* 管理入口查找;
* GET/Post/Cookie 注入;
* 搜索型注入延时;
* 自动从自带浏览器获取Cookie进行认证;
* 自动判断数据库类型;
* 自动获取关键词;
* 多线程;
* 高级:代理、敏感词替换/过滤;
* 报告;
---------------------------------------------------
Function:
* Crawler(Site Directories And Files);
* Vulnerability Scanner(SQL Injection, Cross Site Scripting);
* POC(Proof of Concept): SQL Injection and Cross Site Scripting;
* GET/Post/Cookie Injection;
* SQL Server: PlainText/FieldEcho(Union)/Blind Injection;
* MySQL/Oracle/DB2/Access: FieldEcho(Union)/Blind Injection;
* Administration Entrance Search;
* Password Hash of SQL Server/MySQL/Oracle Administrator;
* Time Delay For Search Injection;
* Auto Get Cookie From Web Browser For Authentication;
* Multi-Thread;
* Adcanced: proxy,Escape Filter;
* Report Output.
WebCruiser 下载:
下载 WebCruiser.rar
WebCruiser 帮助文档:
CHM格式:
下载WebCruiserUserGuide.rar
PDF格式:
下载WebCruiserUserGuide.pdf
Demo视频:
下载ScanDemo.swf
不需要注册码;功能无限制。
Incoming search terms:
- webcruiser
- webcruiserwvs
- webcruiser教程
- web cruiser
- web扫描
- WebCruise
- WebCruiser 教程
- php sql扫描
- CMSweb安全扫描工具
Tags: WebCruiser, Web安全, 扫描
版本已更新至V2.3.0
http://sec4app.com
WebCruiser - Web Vulnerability Scanner, a compact but powerful web security scanning tool that will aid you in auditing your site! It has a Vulnerability Scanner and a series of security tools.
It can support scanning website as well as POC( Prooving of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, XPath Injection etc. So, WebCruiser is also an automatic SQL injection tool, a XPath injection tool, and a Cross Site Scripting tool!
Function:
* Crawler(Site Directories And Files);
* Vulnerability Scanner(SQL Injection, Cross Site Scripting, XPath Injection etc.);
* POC(Proof of Concept): SQL Injection, Cross Site Scripting, XPath Injection etc.;
* GET/Post/Cookie Injection;
* SQL Server: PlainText/Union/Blind Injection;
* MySQL: PlainText/Union/Blind Injection;
* Oracle: PlainText/Union/Blind/CrossSite Injection;
* DB2: Union/Blind Injection;
* Access: Union/Blind Injection;
* Post Data Resend;
* Administration Entrance Search;
* Time Delay For Search Injection;
* Auto Get Cookie From Web Browser For Authentication;
* Report Output.