Add to comparison

Janusec WebCruiser Web Vulnerability Scanner

Janusec

Pitch

WebCruiser Web Vulnerability Scanner, an effective and powerful web penetration testing tool that will aid you in auditing your website!

Features of product

Features of product

About Product

It can support scanning website as well as POC (Proof of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, Local File Inclusion, Remote File Inclusion, Redirect etc. The most typical feature of WebCruiser comparing with other Web Vulnerability Scanners is that WebCruiser Web Vulnerability Scanner focuses on high risk vulnerabilities, and WebCruiser can scan a designated vulnerability type, or a designated URL, or a designated page separately, while the others usually will not. Key Features

Crawler (Site Directories and Files).
Vulnerability Scanner: SQL Injection, Cross Site Scripting, LFI, RFI, Redirect etc.
WAVSEP v1.5 SQL Injection & XSS test cases 100% covered.
SQL Injection POC Tool: GET/Post/Cookie Injection POC (Proof of Concept).
SQL Injection for SQL Server: PlainText/Union/Blind Injection.
SQL Injection for MySQL: PlainText/Union/Blind Injection.
SQL Injection for Oracle: PlainText/Union/Blind/CrossSite Injection.
SQL Injection for DB2: Union/Blind Injection.
SQL Injection for Access: Union/Blind Injection.
POC Tool for XSS, LFI, RFI, Redirect etc.
Resend Tool.
Bruter Tool.
Cookie Tool.

Requirement: .NET Framework 4.5+, IE9+ Software Disclaimer

Authorization must be obtained from the web application owner;
This program will try to get each link and post any data when scanning;
Backup the database before scanning so as to avoid disaster.
Using this software at your own risk.

Crawler (Site Directories and Files).
Vulnerability Scanner: SQL Injection, Cross Site Scripting, LFI, RFI, Redirect etc.
WAVSEP v1.5 SQL Injection & XSS test cases 100% covered.
SQL Injection POC Tool: GET/Post/Cookie Injection POC (Proof of Concept).
SQL Injection for SQL Server: PlainText/Union/Blind Injection.
SQL Injection for MySQL: PlainText/Union/Blind Injection.
SQL Injection for Oracle: PlainText/Union/Blind/CrossSite Injection.
SQL Injection for DB2: Union/Blind Injection.
SQL Injection for Access: Union/Blind Injection.
POC Tool for XSS, LFI, RFI, Redirect etc.
Resend Tool.
Bruter Tool.
Cookie Tool.

Requirement: .NET Framework 4.5+, IE9+ Software Disclaimer

Authorization must be obtained from the web application owner;
This program will try to get each link and post any data when scanning;
Backup the database before scanning so as to avoid disaster.
Using this software at your own risk.

Characteristics

Defect Tracking Integration	N/A
Continuous Integration Support (BDD)	N/A
Selenium Import/Integration (TDD)	Partially
Periodic/Scheduled Scans	N/A
Periodic Results Gap Analysis	N/A
IAST Module Hybrid Analysis	N/A
SAST Module Hybrid Analysis	N/A
Extensibility	N/A
WAF Virtual Patch Generation	N/A
Enterprise Console Management Features	N/A
Flash Scanner	N/A
CGI Scanner	N/A
WebService Scanner	N/A
Record Login Sequences	N/A
Crawl React Applications	N/A
Authentification HTTP/Cookie	Partially
Authentification NTLMv1/2	N/A
Crawl AngularJS Appllications	N/A
Detect AntiCSRF Params	N/A
Detect Logout (In-Session)	N/A
Support Multiple Domains (SPA)	N/A