LogoScannerVersionBuildVendor
Netsparker4.1.1.02015.06.16.1433Netsparker Ltd

Tested Against WAVSEP Version:
1.5

Product Details:
Accurate
Version
License /
Technology
Last Update
Source Code
Activity
4.1.1.0 (GA)
Build 2015.06.16.1433
Commercial
.Net 4.0
16-06-2015

General Features:
GUIConfigUsageStabilityPerformanceReportScanLogPauseSession
Very SimpleVery SimpleVery StableFast

Authentication, Control and Connection Features:
Custom
Cookie
Custom
Header
B
A
S
I
C
D
I
G
E
S
T
N
T
L
M
N
T
L
M
v
2
K
E
R
B
E
R
O
S
F
O
R
M
PROXY
GZIP
DEFLATE
SSL
CERT
Logout
Detection
Exclude
Logout
Exclude
URL
Exclude
Param

Coverage Features:
C
O
U
N
T
Manual
Crawl
URL
File
Html
Crawler
Ajax
Crawler
Flash
Crawler
Applet
Crawler
Silverlight
Crawler
WSDL
Crawler
REST
Crawler
Field
Autofill
Smart
Autofill
Anti
CSRF
Support
Viewstate
Support
CAPTCHA
Bypass
WAF
Bypass
9

Input Vector Support:
C
O
U
N
T
G
E
T
P
O
S
T
C
O
O
K
I
E
H
E
A
D
E
R
S
E
C
R
E
T
P
N
a
m
e
X
M
L
X
m
l
A
T
T
X
m
l
T
A
G
J
S
O
N
.
N
e
t
E
N
C
A
M
F
J
a
v
a
S
E
R
.
N
e
t
S
E
R
W
C
F
W
C
F
-
B
i
n
W
e
b
S
o
c
k
D
W
R
C
u
s
t
o
m
16

Audit Features:
C
O
U
N
T
S
Q
L
i
B
S
Q
L
i
S
S
J
S
i
R
X
S
S
P
X
S
S
D
X
S
S
J
S
O
N
h
L
F
I
R
F
I
C
M
D
E
x
e
c
U
P
L
O
A
D
R
E
D
I
R
E
C
T
C
R
L
F
i
L
D
A
P
i
X
P
A
P
H
i
M
X
i
S
S
I
F
O
R
M
A
T
i
C
O
D
E
i
X
M
L
i
E
L
i
B
U
F
F
E
R
o
I
N
T
E
G
E
R
o
C
O
D
E
D
i
s
c
B
A
C
K
U
P
f
P
A
D
D
I
N
G
A
U
T
H
b
P
R
I
V
e
X
X
E
S
E
S
S
I
O
N
F
I
X
A
T
I
O
N
C
S
R
F
A
D
o
S
18

Complimentary Audit Features:
WebServer
Hardening
CGI
Scanning
Dir & File
Enumeration
Passive
Analysis
Additional
Features
Angular JS Crawling, URL & Extra Params support (limited to XSS), MSSQL, MySQL, Oracle, Postgresql, DB2 & MsAccess Support, Credential Enumeration.

The SQL Injection Detection Accuracy of the Scanner:
Detection AccuracyChart
100.00% Detection Rate
0.00% False Positives
(136/136)
(0/10)

The Reflected XSS Detection Accuracy of the Scanner:
Detection AccuracyChart
100.00% Detection Rate
0.00% False Positives
(66/66)
(0/7)

The Path Traversal / Local File Inclusion Detection Accuracy of the Scanner:
Detection AccuracyChart
100.00% Detection Rate
0.00% False Positives
(816/816)
(0/8)

The Remote File Inclusion Detection Accuracy of the Scanner:
Detection AccuracyChart
100.00% Detection Rate
0.00% False Positives
(108/108)
(0/6)

The WIVET Score of the Scanner:
WIVET ScoreChart
92.00% Detection Rate

Additional Audit Features:
RFD (Rare!), Form/Basetag Hijacking, User/Pass Bruteforce, Insecure JSONP, Content Spoofing, Malicious File Upload, Remote Code Evaluation (ASP,PHP,Perl), RoR YAML Injection, HTTP and WebDAV Methods, SSL Checks, Heartbleed, HTTP.sys, HSTS Bypass, Admin Interfaces, Source Code Disclosure (PHP), Insecure CORS configuration.

Additional Features:
Angular JS Crawling, URL & Extra Params support (limited to XSS), MSSQL, MySQL, Oracle, Postgresql, DB2 & MsAccess Support, Credential Enumeration.

Overview:
Malware / Backdoor Detection, Detecting Known Vulnerabilities in Web Apps and Servers, Exploitation Features (SQLI, SQL Reverse Shell, RFI, LFI, RCE), Ability to generate PoC (CSRF, XSS), Javascript based DOM level custom scripting support in Authentication


Copyright © 2010-2016 by Shay Chen. All rights reserved.
Click here to learn how this information may be published or reused.