Arachni
adalah aplikasi gratis (Open Source project) untuk mencari kelemahan
dan mendukung keamanan aplikasi, release code dibawah Apache License Version 2.0 dan kita semua gratis menggunakannya.
Fitur-Fitur dan Perubahan yang tersedia:
- Optimized pattern matching to use less resources by grouping patterns to only be matched against the per-platform payloads. Bottom line, pattern matching operations have been greatly reduced overall and vulnerabilities can be used to fingerprint the remote platform.
- Modules
- Path traversal ( path_traversal)
- Updated to use more generic signatures.
- Added dot-truncation for MS Windows payloads.
- Moved non-traversal payloads to the file_inclusion module.
- File inclusion ( file_inclusion) — Extracted from path_traversal.
- Uses common server-side files and errors to identify issues.
- SQL Injection ( sqli) — Added support for the following databases:
- Firebird
- SAP Max DB
- Sybase
- Frontbase
- IngresDB
- HSQLDB
- MS Access
- localstart_asp — Checks if localstart.asp is accessible.
- Path traversal ( path_traversal)
- Plugins — Added:
- Uncommon headers ( uncommon_headers) — Logs uncommon headers.
0 komentar:
Posting Komentar