The Input Vector Support of Web Application Scanners

The current information is based on the results of the *2011/2012/2014/2016* benchmarks (excpet for entries marked as updated

or new

)

Note: The content in this page is *incomplete* since the research is still in progress - the various scanners might support additional vectors.

Last updated: 18/09/2016
Sorted in a descending order according to the scanner's number of supported input vectors and the scanner name .
Hint: hover over the marks and titles to get additional information on the various features.
Note: the information refers to the ability of the scanners to scan the input vector, not simply to interpret it.
Glossary

Unified List Commercial Scanners Free / Open Source Scanners

Logo

Vulnerability Scanner

C
O
U
N
T

G
E
T

P
O
S
T

C
O
O
K
I
E

H
E
A
D
E
R

S
E
C
R
E
T

P
N
a
m
e

X
M
L

X
m
l
A
T
T

X
m
l
T
A
G

J
S
O
N

.
N
e
t
E
N
C

A
M
F

J
a
v
a
S
E
R

.
N
e
t
S
E
R

W
C
F

W
C
F
-
B
i
n

W
e
b
S
o
c
k

D
W
R

C
u
s
t
o
m

D
I
R

F
I
L
E

P
a
t
h

N
e
s
t
X
M
L

N
e
s
t
J
S
O
N

J
s
o
n
P
N
a
m
e

M
u
l
t
i
p
a
r
t

G
W
T

O
D
a
t
a
I
D

O
D
a
t
a
F
i
l
t

IronWASP

arachni

ZAP

Netsparker Community Edition

W3AF

Acunetix WVS Free Edition

N-Stalker 2012 Free Edition

SkipFish

SQLiX

sqlmap

Logo

Vulnerability Scanner

C
O
U
N
T

G
E
T

P
O
S
T

C
O
O
K
I
E

H
E
A
D
E
R

S
E
C
R
E
T

P
N
a
m
e

X
M
L

X
m
l
A
T
T

X
m
l
T
A
G

J
S
O
N

.
N
e
t
E
N
C

A
M
F

J
a
v
a
S
E
R

.
N
e
t
S
E
R

W
C
F

W
C
F
-
B
i
n

W
e
b
S
o
c
k

D
W
R

C
u
s
t
o
m

D
I
R

F
I
L
E

P
a
t
h

N
e
s
t
X
M
L

N
e
s
t
J
S
O
N

J
s
o
n
P
N
a
m
e

M
u
l
t
i
p
a
r
t

G
W
T

O
D
a
t
a
I
D

O
D
a
t
a
F
i
l
t

XSSer

safe3wvs (limited free edition)

Vega

Wapiti

WebCruiser Free Edition

Logo

Vulnerability Scanner

C
O
U
N
T

G
E
T

P
O
S
T

C
O
O
K
I
E

H
E
A
D
E
R

S
E
C
R
E
T

P
N
a
m
e

X
M
L

X
m
l
A
T
T

X
m
l
T
A
G

J
S
O
N

.
N
e
t
E
N
C

A
M
F

J
a
v
a
S
E
R

.
N
e
t
S
E
R

W
C
F

W
C
F
-
B
i
n

W
e
b
S
o
c
k

D
W
R

C
u
s
t
o
m

D
I
R

F
I
L
E

P
a
t
h

N
e
s
t
X
M
L

N
e
s
t
J
S
O
N

J
s
o
n
P
N
a
m
e

M
u
l
t
i
p
a
r
t

G
W
T

O
D
a
t
a
I
D

O
D
a
t
a
F
i
l
t

N-Stalker 2009 Free Edition

Syhunt Mini (Sandcat Mini)

Logo

Vulnerability Scanner

C
O
U
N
T

G
E
T

P
O
S
T

C
O
O
K
I
E

H
E
A
D
E
R

S
E
C
R
E
T

P
N
a
m
e

X
M
L

X
m
l
A
T
T

X
m
l
T
A
G

J
S
O
N

.
N
e
t
E
N
C

A
M
F

J
a
v
a
S
E
R

.
N
e
t
S
E
R

W
C
F

W
C
F
-
B
i
n

W
e
b
S
o
c
k

D
W
R

C
u
s
t
o
m

D
I
R

F
I
L
E

P
a
t
h

N
e
s
t
X
M
L

N
e
s
t
J
S
O
N

J
s
o
n
P
N
a
m
e

M
u
l
t
i
p
a
r
t

G
W
T

O
D
a
t
a
I
D

O
D
a
t
a
F
i
l
t

Uber Web Security Scanner

VulnDetector

WATOBO

WebScarab

WebSecurify (Opensource Version)

Logo

Vulnerability Scanner

C
O
U
N
T

G
E
T

P
O
S
T

C
O
O
K
I
E

H
E
A
D
E
R

S
E
C
R
E
T

P
N
a
m
e

X
M
L

X
m
l
A
T
T

X
m
l
T
A
G

J
S
O
N

.
N
e
t
E
N
C

A
M
F

J
a
v
a
S
E
R

.
N
e
t
S
E
R

W
C
F

W
C
F
-
B
i
n

W
e
b
S
o
c
k

D
W
R

C
u
s
t
o
m

D
I
R

F
I
L
E

P
a
t
h

N
e
s
t
X
M
L

N
e
s
t
J
S
O
N

J
s
o
n
P
N
a
m
e

M
u
l
t
i
p
a
r
t

G
W
T

O
D
a
t
a
I
D

O
D
a
t
a
F
i
l
t

crawlfish

Damn Small SQLi Scanner (DSSS)

SQID (SQL Injection Digger)

Web Injection Scanner (WIS)

Statistics

#	G E T	P O S T	C O O K I E	H E A D E R	S E C R E T	P N a m e	X M L	X m l A T T	X m l T A G	J S O N	. N e t E N C	A M F	J a v a S E R	. N e t S E R	W C F	W C F - B i n	W e b S o c k	D W R	C u s t o m	D I R	F I L E	P a t h	N e s t X M L	N e s t J S O N	J s o n P N a m e	M u l t i p a r t	G W T	O D a t a I D	O D a t a F i l t
Scanners:	49	39	13	12	2	3	4	4	0	5	0	0	0	0	0	0	0	0	2	1	1	4	1	0	0	4	1	1	1

Glossary

Alias	General Feature	Description	References
GET	HTTP Query String Parameters	Input parameters sent in the URL	1
POST	HTTP Body Parameters	Input parameters sent in the HTTP body	1
COOKIE	HTTP Cookie Parameters	Input parameters sent in the HTTP cookie	1
HEADER	HTTP Headers	HTTP request headers used by the application	1
SECRET	Secret HTTP Parameters	Non-visible valid HTTP parameters (such as GET to POST, etc)
PName	HTTP Parameter Names	HTTP parameter names used by the application
XML	XML Element Content	The content of XML elements	1
XmlATT	XML Attributes	XML attributes	1
XmlTAG	XML Tags	The names of XML tags	1
JSON	JSON Parameters	Parameters sent in JSON format	1
.NetENC	.Net PostBack Encoded Parameters	Parameters sent after undergoing .net PostBack encoding	1
AMF	Flash Action Message Format	Parameters sent in Flash AMF format	1
JavaSER	Java Serialized Objects	Parameters sent within Java serialized objects	1
.NetSER	.Net Serialized Objects / Remoting	Parameters sent within .Net serialized objects / remoting	1
WCF	.Net WCF Objects	Parameters sent in WCF requests	1
WCF-Bin	.Net Binary WCF Objects	Parameters sent in binary WCF requests	1
WebSock	HTML5 WebSockets	Direct Socket Browser-Server Communication	1
DWR	Java Direct Web Remoting	Parameters sent in DWR format	1
Custom	Custom Input Vector	Support for defining custom input vectors in the HTTP request
DIR	Directory Name Input Vector	Support for scanning the directory section in the HTTP URL
FILE	File Name Input Vector	Support for scanning the file name section (without extension) in the HTTP URL
Path	HTTP Path Input Vector	Support for appending to and scanning the HTTP path
NestXML	Nested XML In Parameter Input Vector	Support for scanning XML components which are nested in other parameters
NestJSON	Nested JSON In Parameter Input Vector	Support for scanning JSON components which are nested in other parameters
JsonPName	JSON Parameter Name Input Vector	Support for scanning JSON parameter names
Multipart	Multipart Input Vector	Support for scanning Multipart values	1
GWT	GWT Input Vector	Support for scanning input sent in GWT (Google Web Toolkit) format	1
ODataID	OData Id Input Vector	Support for scanning OData ID Values	1
ODataFilt	OData Filter Input Vector	Support for scanning OData Filter Values	1