These tools and products are designed to identify vulnerabilities in web-based applications. Their checks may cover XSS, SQL injection, known flaws in CMS software and other installed packages, Java or JavaScript issues, and brute-force attacks. Typically they offer what is known as "black-box" testing: the scanner approaches the website from the Internet and knows nothing about the host or the software behind it. Some of the tools and products listed here also include source code scanners and other checks to help improve the security of web-based applications. A source code scanner is a "glass-box" test, since it can see the code on the web server itself rather than only what is presented to the Internet.
Commercial tools often rely on a database of known vulnerabilities that could be exploited in web-based attacks. Keeping that database up to date may require a subscription fee on top of the product purchase.
There is a separate category for online and Software-as-a-Service (SaaS) scanning tools, as they are really a different beast from tools that you install and run yourself: you are trusting a website or a company to scan your site correctly and not to act on the vulnerabilities it finds. Be sure to check Online and SaaS Website Scanners as well if an online tool will meet your needs.
Articles and other information
- How to choose a Web Vulnerability Scanner - article by Robert Abela of Acunetix
- Web Application Security Scanner Evaluation Criteria - published by the Web Application Security Consortium
- Web App Pentesting - PenTest Magazine - by The Hacker News
The Nessus vulnerability scanner is the world-leading vulnerability scanner, with over five million downloads to date. Nessus is currently rated among the top vulnerability scanners throughout the security industry and is endorsed by professional security ...
The WPScan CLI tool is a black-box WordPress security scanner, free for non-commercial use, written for security professionals and blog maintainers to test the security of their sites.
Sqlninja is a tool targeted at exploiting SQL injection vulnerabilities in a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide remote access to the vulnerable DB server, even in a very hostile environment. It shou ...
Vega is a GUI-based, multi-platform (OS X, Linux, Windows), free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes a ...
Andiparos is a fork of the famous Paros Proxy. It is an open source web application security assessment tool that gives penetration testers the ability to spider websites, analyze content, intercept and modify requests, etc. The advantage of Andiparos is ...
A web application security scanner and some other security tools.
Damn Small SQLi Scanner (DSSS) has been made as a PoC where I wanted to show that commercial (SQLi) scanners can be beaten in under 100 lines of code. It supports GET and POST parameters, blind/error SQLi tests and advanced comparison of different r ...
Gamja will find XSS (cross-site scripting) and SQL injection weak points, as well as URL parameter validation errors. Who knows which parameter is the weak one? Gamja will be helpful for finding vulnerabilities [XSS, validation error, SQL injection].
Grabber is a web application scanner. Basically it detects some kinds of vulnerabilities in your website. Grabber is simple, not fast, but portable and really adaptable. This software is designed to scan small websites such as personal sites, forums, etc. absol ...
A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres. Further, it can crawl a website as a vulnerability scanner looking for SQL injection vulnerabilities. Features ...
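The blind/error tests and response comparison that DSSS describes, as an added example in Python that is not DSSS's own code: a constructed, deliberately injectable SQLite-backed page (an assumption for this example, not any real site) sits beside a hardened one, and a small scanner probes a parameter for error-based injection (a stray quote that surfaces a DBMS error in the page) and boolean-based blind injection (a TRUE condition leaves the page unchanged, a FALSE one changes it, judged by difflib similarity). The page functions, the table and the error signatures are all assumptions of the example.

```python
import difflib
import re
import sqlite3
from typing import Callable, Dict

Page = Callable[[Dict[str, str]], str]   # request function: parameters -> response body

# Constructed target (an assumption for this example, not a real site): a product lookup
# over in-memory SQLite whose query is built by string concatenation, so `id` is injectable.
_conn = sqlite3.connect(":memory:")
_conn.execute("CREATE TABLE products (id INTEGER, name TEXT)")
_conn.executemany("INSERT INTO products VALUES (?, ?)", [(1, "Widget"), (2, "Gadget")])
_conn.commit()


def _render(rows) -> str:
    items = "".join(f"<li>{name}</li>" for (name,) in rows)
    return f"<html><body><ul>{items}</ul></body></html>"


def vulnerable_page(params: Dict[str, str]) -> str:
    sql = "SELECT name FROM products WHERE id = " + params.get("id", "")   # the bug under test
    try:
        return _render(_conn.execute(sql).fetchall())
    except sqlite3.Error as exc:
        return f"<html><body>Database error: {exc}</body></html>"         # leaks the DBMS error


def hardened_page(params: Dict[str, str]) -> str:
    try:
        pid = int(params.get("id", ""))                                     # validate the type ...
    except ValueError:
        return "<html><body>Bad request</body></html>"
    rows = _conn.execute("SELECT name FROM products WHERE id = ?", (pid,))  # ... and bind the value
    return _render(rows.fetchall())


# Error signatures for a few common DBMSs (a small subset; real scanners carry hundreds).
_DB_ERROR = re.compile(
    r"unrecognized token|near \".*\": syntax error"             # SQLite
    r"|You have an error in your SQL syntax"                    # MySQL
    r"|Unclosed quotation mark after the character string"      # MSSQL
    r"|ORA-\d{5}"                                               # Oracle
    r"|syntax error at or near",                                # PostgreSQL
    re.IGNORECASE,
)


def _similar(a: str, b: str) -> float:
    return difflib.SequenceMatcher(None, a, b).ratio()


def scan_parameter(page: Page, params: Dict[str, str], name: str,
                   threshold: float = 0.95) -> Dict[str, bool]:
    """Probe one parameter; GET and POST differ only in transport, so the logic is shared."""
    base = page(params)

    def probe(suffix: str) -> str:
        mutated = dict(params)
        mutated[name] = params[name] + suffix
        return page(mutated)

    # Error-based: a stray quote breaks the query and the page echoes the DBMS error.
    error_based = (not _DB_ERROR.search(base)
                   and any(_DB_ERROR.search(probe(q)) for q in ("'", '"')))

    # Boolean-based blind: a TRUE condition must leave the page as it was, a FALSE one must change it.
    boolean_based = False
    for true_s, false_s in ((" AND 1=1", " AND 1=2"),               # numeric context
                            ("' AND '1'='1", "' AND '1'='2")):      # single-quoted string context
        if _similar(base, probe(true_s)) >= threshold and _similar(base, probe(false_s)) < threshold:
            boolean_based = True
            break
    return {"error_based": error_based, "boolean_based": boolean_based}


if __name__ == "__main__":
    print("vulnerable:", scan_parameter(vulnerable_page, {"id": "1"}, "id"))
    print("hardened:  ", scan_parameter(hardened_page, {"id": "1"}, "id"))
```

Run against `vulnerable_page` the scanner flags both techniques; `hardened_page`, which validates the type and binds the value, is not flagged. Real scanners also strip volatile content (timestamps, CSRF tokens) before comparing responses, which this example omits, and a threshold that works for one site's templates may need adjusting for another.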
N-Stalker Web Application Security Scanner is a Web Security Assessment solution for your web applications. It incorporates the "N-Stealth HTTP Security Scanner" and its 39,000 Web Attack Signature database along with a patent-pending Component-oriented W ...
WebSlayer is a tool designed for brute-forcing web applications. It can be used for finding unlinked resources (directories, servlets, scripts, etc.), brute-forcing GET and POST parameters, brute-forcing form parameters (user/password), fuzzing, etc. The tools ...
ProxyStrike is an active web application proxy. It's a tool designed to find vulnerabilities while browsing an application. It was created because of the problems we faced in pentests of web applications that depend heavily on JavaScript: not many web s ...
Wfuzz is a tool designed for brute-forcing web applications. It can be used for finding unlinked resources (directories, servlets, scripts, etc.), brute-forcing GET and POST parameters to check for different kinds of injection (SQL, XSS, LDAP, etc.), bruteforc ...
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration t ...
Wapiti - Web application vulnerability scanner / security auditor. Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the webpages of ...
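The unlinked-resource discovery that WebSlayer and Wfuzz perform, as an added example in Python (not code from either project): a constructed target that answers unknown paths with a 200 "soft 404" page (an assumption of the example) shows why a fuzzer cannot filter on status code alone. The scanner first requests random paths to learn what the site's "not found" response looks like, masks the echoed path so two such pages compare equal, and then hides every wordlist hit that matches that baseline. The routes, the wordlist and the mock target are all assumptions, not part of this page or either tool.

```python
import difflib
import random
import string
from typing import Callable, Dict, List, Tuple

Response = Tuple[int, str]           # (HTTP status, body)
Target = Callable[[str], Response]   # request function: path -> response

# Constructed target (an assumption for this example, not a real site). It serves a few
# routes and, like many frameworks with a catch-all handler, answers unknown paths with
# a 200 "soft 404" page that echoes the requested path instead of a real 404.
_ROUTES: Dict[str, str] = {
    "/": "<h1>Home</h1><a href='/login'>Login</a>",
    "/login": "<form>user / pass</form>",
    "/admin": "<h1>Admin console</h1>",          # linked from nowhere
    "/backup.zip": "PK\x03\x04 ...archive...",   # linked from nowhere
}


def mock_target(path: str) -> Response:
    if path in _ROUTES:
        return 200, _ROUTES[path]
    return 200, (f"<h1>Oops</h1><p>We could not find {path}.</p>"
                 "<p>Try the <a href='/'>home page</a>.</p>")


# Constructed wordlist; real runs read one from a file.
WORDLIST: List[str] = ["admin", "login", "backup.zip", "config", "uploads", "test", "robots.txt"]


def _normalize(path: str, body: str) -> str:
    # Error pages usually reflect the requested path; mask it so two "not found" pages compare equal.
    return body.replace(path, "{PATH}")


def learn_baseline(target: Target, rng: random.Random, trials: int = 3) -> List[Tuple[int, str]]:
    """Request paths that cannot exist to learn what this site's "not found" answer looks like."""
    samples = []
    for _ in range(trials):
        path = "/" + "".join(rng.choices(string.ascii_lowercase, k=16))
        status, body = target(path)
        samples.append((status, _normalize(path, body)))
    return samples


def matches_baseline(path: str, resp: Response, samples: List[Tuple[int, str]],
                     threshold: float = 0.9) -> bool:
    status, body = resp
    body = _normalize(path, body)
    return any(status == s and difflib.SequenceMatcher(None, body, b).ratio() >= threshold
               for s, b in samples)


def discover(target: Target, wordlist: List[str], filter_soft_404: bool = True,
             seed: int = 0) -> List[Tuple[str, int, int]]:
    """Return (path, status, body length) for every wordlist entry that looks like a real resource."""
    rng = random.Random(seed)
    samples = learn_baseline(target, rng) if filter_soft_404 else []
    found = []
    for word in wordlist:
        path = "/" + word
        resp = target(path)
        if resp[0] == 404:                                   # a genuine 404 is cheap to discard
            continue
        if filter_soft_404 and matches_baseline(path, resp, samples):
            continue                                         # looks like the site's "not found" page
        found.append((path, resp[0], len(resp[1])))
    return found


if __name__ == "__main__":
    print("status only:   ", [p for p, _, _ in discover(mock_target, WORDLIST, filter_soft_404=False)])
    print("with baseline: ", discover(mock_target, WORDLIST))
```

With `filter_soft_404=False` every wordlist entry is reported because the target never returns a 404; the baseline filter leaves only /admin, /login and /backup.zip. Wfuzz exposes the same idea through its hide filters (by status code, lines, words or characters). The caveat is that a real resource whose page closely resembles the error template would be hidden too, so the threshold and the filter type need checking against each target.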
Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. Some of the main features of Websecurify include: Availab ...
Cross Site "Scripter" is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
AppSentry is a new generation of security scanner and vulnerability assessment tool. Unlike other security scanners, AppSentry knows the application it is validating – its technology and data model. The security audits and checks are written specifically ...
A Java hijacking tool for web application session security assessment: a simple Java fuzzer that can mainly be used for numeric session hijacking and parameter enumeration.