Web Security Scanner

Web Security Scanner software is designed to scan a live web site and perform a comprehensive security assessment of a web application using black-box methodology.

Web Security Scanner software is designed to scan a live web site and perform a comprehensive security assessment of a web application using black-box methodology. It is designed to discover critical web application security vulnerabilities that hackers could exploit to compromise your website security, steal your data or deface your website. 

Heart of the scanner is a state of the art scanning engine that supports HTML, Javascript, Ajax, JSON, Flash and complex JavaScript code. Some of it’s key features are:

Features:
  • Modern and simple user interface
  • Comprehensive web crawler
  • Fast scanning engine
  • JavaScript support
  • Flash support
  • Report generation

Web Security Scanner recognizes OWASP TOP10 vulnerabilities such as:

  • SQL injection
  • XSS vulnerabilities
  • File inclusion
  • Command execution
  • Code execution
  • File Disclosure
  • Many more...


Currently, Web Scanner can discover over 40 different classes of web application security vulnerabilities, and some are listed in table below.

Vulnerabilities:
  • SQL Injection
  • XPATH Injection
  • File Disclosure
  • Blind SQL Injection
  • Page Inclusion
  • Common Files
  • Code Injection
  • Dangerous File Extensions
  • Shell Command Execution
  • File Upload
  • Cross Site Scripting
  • Buffer Overflows
  • File Manipulation
  • Server Side Includes
  • HTTP Response Splitting
  • Information Leak
  • LDAP Injection

More information about specific vulnerabilities can be found here

For purchase information, contact us on: defensecode@defensecode.com


This software is a perfect companion to the ThunderScan suite for website source code auditing. With ThunderScan and WebScanner you have a powerful combination to examine the security of even the most complex web applications.