ScannerVersionVendor
Priamos1.0Yigit Aktan

Tested Against WAVSEP Version:
1.0

The SQL Injection Detection Accuracy of the Scanner:
Detection AccuracyChart
0.00% Detection Rate
0.00% False Positives		(0/136)
(0/10)
Response TypeInput VectorDetection RateDetails
Errorneous 500 ResponsesHTTP GET (Query String Parameters)0 out of 20Cases Missed: 1-19
Errorneous 500 ResponsesHTTP POST (Body Parameters)0 out of 20Cases Missed: 1-19
Errorneous 200 ResponsesHTTP GET (Query String Parameters)0 out of 20Cases Missed: 1-19
Errorneous 200 ResponsesHTTP POST (Body Parameters)0 out of 20Cases Missed: 1-19
Valid 200 ResponsesHTTP GET (Query String Parameters)0 out of 20Cases Missed: 1-19
Valid 200 ResponsesHTTP POST (Body Parameters)0 out of 20Cases Missed: 1-19
Identical 200 ResponsesHTTP GET (Query String Parameters)0 out of 8Cases Missed: 1-8
Identical 200 ResponsesHTTP POST (Body Parameters)0 out of 8Cases Missed: 1-8
False Positive SQLi Test CasesHTTP GET (Query String Parameters)0 out of 10None
WAVSEP Scan Log:
I executed the tool?s search injection feature on the following URLs:
http://192.168.110.1:8080/wavsep/index-sql.jsp
http://192.168.110.1:8080/wavsep/index-false.jsp
The tool crawled nearly all the URLs, but did not find a single vulnerability, regardless of what I attempted.


Copyright © 2010-2016 by Shay Chen. All rights reserved.
Click here to learn how this information may be published or reused.