Thursday, June 4, 2009

Sandcat – Advanced Web App Sec Tester

There are tons of scanners/testers on the market, but this one’s feature set kinda caught my eye:

http://pentestit.com/2009/06/04/sandcat-advanced-web-application-security-tester/

As of now, Sandcat will scan for these fault injections:
* Buffer Overflow
* Cookie Manipulation
* Command Execution
* CRLF Injection
* Cross Frame Scripting
* Cross-Site Scripting (XSS)
* Default Account
* Directory Listing
* Directory Traversal
* File Inclusion
* Information Disclosure
* LDAP Injection
* MX Injection
* Password Disclosure
* Path Disclosure
* PHP Code Injection
* Server-Specific Vulnerabilities: IIS / iPlanet / Others
* Source Code Disclosure
* SQL Injection
* XPath Injection
* Miscellaneous
