LogoScannerVersionVendor
Ammonite1.2RyscCorp.

Tested Against WAVSEP Version:
1.2

Product Details:
Accurate
Version
License /
Technology
Last Update
Source Code
Activity
1.2 (GA) Commercial
.Net 2.0
28-04-2012

General Features:
GUIConfigUsageStabilityPerformanceReportScanLogPauseSession
Very SimpleVery SimpleStableFast

Authentication, Control and Connection Features:
Custom
Cookie
Custom
Header
B
A
S
I
C
D
I
G
E
S
T
N
T
L
M
N
T
L
M
v
2
K
E
R
B
E
R
O
S
F
O
R
M
PROXY
GZIP
DEFLATE
SSL
CERT
Logout
Detection
Exclude
Logout
Exclude
URL
Exclude
Param

Coverage Features:
C
O
U
N
T
Manual
Crawl
URL
File
Html
Crawler
Ajax
Crawler
Flash
Crawler
Applet
Crawler
Silverlight
Crawler
WSDL
Crawler
REST
Crawler
Field
Autofill
Smart
Autofill
Anti
CSRF
Support
Viewstate
Support
CAPTCHA
Bypass
WAF
Bypass
1

Input Vector Support:
C
O
U
N
T
G
E
T
P
O
S
T
C
O
O
K
I
E
H
E
A
D
E
R
S
E
C
R
E
T
P
N
a
m
e
X
M
L
X
m
l
A
T
T
X
m
l
T
A
G
J
S
O
N
.
N
e
t
E
N
C
A
M
F
J
a
v
a
S
E
R
.
N
e
t
S
E
R
W
C
F
W
C
F
-
B
i
n
W
e
b
S
o
c
k
D
W
R
C
u
s
t
o
m
7

Audit Features:
C
O
U
N
T
S
Q
L
i
B
S
Q
L
i
S
S
J
S
i
R
X
S
S
P
X
S
S
D
X
S
S
J
S
O
N
h
L
F
I
R
F
I
C
M
D
E
x
e
c
U
P
L
O
A
D
R
E
D
I
R
E
C
T
C
R
L
F
i
L
D
A
P
i
X
P
A
P
H
i
M
X
i
S
S
I
F
O
R
M
A
T
i
C
O
D
E
i
X
M
L
i
E
L
i
B
U
F
F
E
R
o
I
N
T
E
G
E
R
o
C
O
D
E
D
i
s
c
B
A
C
K
U
P
f
P
A
D
D
I
N
G
A
U
T
H
b
P
R
I
V
e
X
X
E
S
E
S
S
I
O
N
F
I
X
A
T
I
O
N
C
S
R
F
A
D
o
S
9

Complimentary Audit Features:
WebServer
Hardening
CGI
Scanning
Dir & File
Enumeration
Passive
Analysis
Additional
Features
Multipart POST Input Vector Support, RESTful Parameters Support, Export Request to Python.

The SQL Injection Detection Accuracy of the Scanner:
Detection AccuracyChart
96.32% Detection Rate
70.00% False Positives
(131/136)
(7/10)

The Reflected XSS Detection Accuracy of the Scanner:
Detection AccuracyChart
24.24% Detection Rate
42.86% False Positives
(16/66)
(3/7)

The Path Traversal / Local File Inclusion Detection Accuracy of the Scanner:
Detection AccuracyChart
63.97% Detection Rate
37.50% False Positives
(522/816)
(3/8)

The Remote File Inclusion Detection Accuracy of the Scanner:
Detection AccuracyChart
44.44% Detection Rate
33.33% False Positives
(48/108)
(2/6)

Additional Audit Features:
Limited PXSS Detection, Identifier Enumeration, Unpublished Content Discovery. Passive Detection Features: Cleartext CC#s in Responses, Hidden Form Fields in Responses, HTML Comments in Responses, HTTP/500 Errors in Responses, Verbose Errors in Responses.

Additional Features:
Multipart POST Input Vector Support, RESTful Parameters Support, Export Request to Python.

Overview:
Being a fiddler extension enables Ammonite to rely on many existing features & extensions, and extend them in a number of ways:


Copyright © 2010-2016 by Shay Chen. All rights reserved.
Click here to learn how this information may be published or reused.