| Scanner | Version | Vendor |
|---|---|---|
| safe3wvs (limited free edition) | 10.1 | Safe3 Network Center |
Tested Against WAVSEP Version: |
Detection Accuracy (SQL Injection)

| Metric | Result |
|---|---|
| Detection Rate | 40.44% (55/136) |
| False Positives | 30.00% (3/10) |

| Response Type | Input Vector | Detection Rate | Details |
|---|---|---|---|
| Erroneous 500 Responses | HTTP GET (Query String Parameters) | 20 out of 20 | Detected: 1(1st&2nd),2-19 |
| Erroneous 500 Responses | HTTP POST (Body Parameters) | 0 out of 20 | Missed: 1(1st&2nd)-19 |
| Erroneous 200 Responses | HTTP GET (Query String Parameters) | 20 out of 20 | Detected: 1(1st&2nd),2-19; 200Error-Experimental-GET: 1 |
| Erroneous 200 Responses | HTTP POST (Body Parameters) | 0 out of 20 | Missed: 1(1st&2nd)-19 |
| Valid 200 Responses | HTTP GET (Query String Parameters) | 15 out of 20 | Cases Detected: 1(1st&2nd)-3,5-7,9,10,12,14-17,19; Cases Missed: 4,8,11,13,18 |
| Valid 200 Responses | HTTP POST (Body Parameters) | 0 out of 20 | Cases Missed: 1(1st&2nd)-19 |
| Identical 200 Responses | HTTP GET (Query String Parameters) | 0 out of 8 | Cases Missed: 1-8 |
| Identical 200 Responses | HTTP POST (Body Parameters) | 0 out of 8 | Cases Missed: 1-8 |
| False Positive SQLi Test Cases | HTTP GET (Query String Parameters) | 3 out of 10 | 2,6,7 |
Detection Accuracy (Reflected XSS)

| Metric | Result |
|---|---|
| Detection Rate | 12.12% (8/66) |
| False Positives | 42.86% (3/7) |

| Response Type | Input Vector | Detection Rate | Details |
|---|---|---|---|
| Reflected XSS | HTTP GET (Query String Parameters) | 8 out of 33 | Cases Detected: 1-5,30(1st&2nd),32; RXSS-Experimental-GET: 1; Cases Missed: 6-29,31 |
| Reflected XSS | HTTP POST (Body Parameters) | 0 out of 33 | Cases Missed: 1-32 |
| False Positive RXSS Test Cases | HTTP GET (Query String Parameters) | 3 out of 7 | 1,2,6 |
Detection Accuracy (Path Traversal / LFI)

| Metric | Result |
|---|---|
| Detection Rate | 8.58% (70/816) |
| False Positives | 12.50% (1/8) |

| Response Type | Input Vector | Detection Rate | Details |
|---|---|---|---|
| Erroneous 500 Responses | HTTP GET (Query String Parameters) | 35 out of 68 | Detected: 1-7,9-24,38,40,42,44,53-60 |
| Erroneous 500 Responses | HTTP POST (Body Parameters) | 0 out of 68 | |
| Erroneous 200 Responses | HTTP GET (Query String Parameters) | 35 out of 68 | Detected: 1-7,9-24,38,40,42,44,53-60 |
| Erroneous 200 Responses | HTTP POST (Body Parameters) | 0 out of 68 | |
| Valid 200 Responses | HTTP GET (Query String Parameters) | 0 out of 68 | |
| Valid 200 Responses | HTTP POST (Body Parameters) | 0 out of 68 | |
| Identical 200 Responses | HTTP GET (Query String Parameters) | 0 out of 68 | |
| Identical 200 Responses | HTTP POST (Body Parameters) | 0 out of 68 | |
| Redirect (302) Responses | HTTP GET (Query String Parameters) | 0 out of 68 | |
| Redirect (302) Responses | HTTP POST (Body Parameters) | 0 out of 68 | |
| Erroneous 404 Responses | HTTP GET (Query String Parameters) | 0 out of 68 | |
| Erroneous 404 Responses | HTTP POST (Body Parameters) | 0 out of 68 | |
| False Positive LFI Test Cases | HTTP GET (Query String Parameters) | 1 out of 8 | 7 |
I checked the JS Resolve, POST resolve and URL Redirect features in the scan settings, reduced the number of threads to 1, and extended the scan timeout to 3000. I then executed the tool against each individual directory, while enabling the following plugins (each for its own relevant directories): XSS, SQL Injection, File Handling, Others, alongside all of the crawling plugins. The WIVET scans failed regardless of what I configured in the cookie, threads or other sections, regardless of logout URL (100.php) exclusions, and regardless of the scanning method (GET, POST, Cookie). The free version seemed to ignore POST parameters, even when the form submission flag was activated and the scan target set to POST, a serious limitation (or bug?) of the free version; however, without it, the path traversal detection score would have been impressive.