AMS Framing Studio v2.61 08.01.2009 г.Framing Studio - простая в использовании утилита для наложения рамок, масок и границ на фотографии, сочетающая в себе компактность, лёгкость в освоении, высокую поспешность работы и богатые фу...
+ Подробнее
Portable FileZilla 3.2.0 - Final M.Lang 08.01.2009 г. | 6.1 MB FileZilla Client is a fast and reliable cross-platform FTP, FTPS and SFTP client with lots of useful features and an intuitive interface. It is a powerful FTP-client for 32-bit MS OS (NT/2000/XP) for file upload...
+ Подробнее
TechSmith Camtasia Studio v6.0.1 08.01.2009 г.Camtasia Studio - мощная прога для записи изображения с экрана в видеофайлы различных форматов, имеется мочь редактирования видео, есть встроенные Macromedia Flash и видео проигрыватели. Данна...
+ Подробнее
Portable Molekel 5.3 08.01.2009 г. | 45 Mb MOLEKEL is an interactive molecular graphics program to visualize molecular and electronic structure data from a number of electronic structure program outputs (Gaussian, Gamess, ADF...) as well as from XYZ and P...
+ Подробнее
AMS Greeting Card Studio v1.57 08.01.2009 г.Greeting Card Studio - легкая в использовании приложение для быстрого создания высококачественных поздравительных открыток. С через этой программы вы сможете делать открытки, используя ваши собст...
+ Подробнее
Acunetix Web Vulnerability Scanner Enterprise Edition 6.0
Здесь можно Скачать бесплатно, или за sms Acunetix Web Vulnerability Scanner Enterprise Edition 6.0
Раздел: Софт
Категория: Internet
Добавлено: 27.11.2008
Изменено: 28.11.2008
Ваше мнение
Acunetix Web Vulnerability Scanner Enterprise Edition v6.0 | 20,5 MB
Audit your website security with Acunetix Web Vulnerability Scanner. As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists. Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases.
Firewalls, SSL and locked-down servers are futile against web application hacking!
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.
Acunetix - a world-wide leader in web application security
Acunetix has pioneered the web application security scanning technology: Its engineers have focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection. Acunetix Web Vulnerability Scanner includes many innovative features:
* An automatic Javascript analyzer allowing for security testing of Ajax and Web 2.0 applications
* Industries' most advanced and in-depth SQL injection and Cross site scripting testing
* Visual macro recorder makes testing web forms and password protected areas easy
* Extensive reporting facilities including VISA PCI compliance reports
* Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
* Intelligent crawler detects web server type and application language
* Acunetix crawls and analyzes websites including flash content, SOAP and AJAX
Which Vulnerabilities does Acunetix WVS Check for?
Acunetix WVS automatically checks for the following vulnerabilities among others:
* Version Check
*
o Vulnerable Web Servers
o Vulnerable Web Server Technologies – such as “PHP 4.3.0 file disclosure and possible code execution.
*
* CGI Tester
*
o Checks for Web Servers Problems – Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
o Verify Web Server Technologies
*
* Parameter Manipulation
*
o Cross-Site Scripting (XSS) – over 40 different XSS variations are tested.
o SQL Injection
o Code Execution
o Directory Traversal
o File Inclusion
o Script Source Code Disclosure
o CRLF Injection
o Cross Frame Scripting (XFS)
o PHP Code Injection
o XPath Injection
o Full Path Disclosure
o LDAP Injection
o Cookie Manipulation
o Arbitrary File creation (AcuSensor Technology)
o Arbitrary File deletion (AcuSensor Technology)
o Email Injection (AcuSensor Technology)
o File Tampering (AcuSensor Technology)
o URL redirection
o Remote XSL inclusion
*
* MultiRequest Parameter Manipulation
*
o Blind SQL/XPath Injection
*
* File Checks
*
o Checks for Backup Files or Directories - Looks for common files (such as logs, application traces, CVS web repositories)
o Cross Site Scripting in URI
o Checks for Script Errors
*
* Directory Checks
*
o Looks for Common Files (such as logs, traces, CVS)
o Discover Sensitive Files/Directories
o Discovers Directories with Weak Permissions
o Cross Site Scripting in Path and PHPSESSID Session Fixation.
o Web Applications
o HTTP Verb Tampering
*
* Text Search
*
o Directory Listings
o Source Code Disclosure
o Check for Common Files
o Check for Email Addresses
o Microsoft Office Possible Sensitive Information
o Local Path Disclosure
o Error Messages
o Trojan shell scripts (such as popular PHP shell scripts like r57shell, c99shell etc)
*
* Weak Passwords
o Weak HTTP Passwords
*
* GHDB Google Hacking Database
*
o Over 1200 GHDB Search Entries in the Database
*
* Port Scanner and Network Alerts
*
o Port scans the web server and obtains a list of open ports with banners
o Performs complex network level vulnerability checks on open ports such as:
o
+ DNS Server vulnerabilities (Open zone transfer, Open recursion, cache poisoning)
+ FTP server checks (list of writable FTP directories, weak FTP passwords, anonymous access allowed)
+ Security and configuration checks for badly configured proxy servers
+ Checks for weak SNMP community strings and weak SSL cyphers
+ and many other network level vulnerability checks!
Other vulnerability tests may also be preformed using the manual tools provided, including:
Добавить в избранное (0) | Просмотров: 237
