Three Powerful Vulnerability Scanners for Web Penetration Testing

Once footprinting and enumeration have identified the target website for the penetration test, the next step can be a preliminary check with a vulnerability scanner, which greatly improves the efficiency of the work.

To do a good job, you must first sharpen your tools. Here are three enterprise-grade vulnerability scanners.

1. AWVS

AWVS (Acunetix Web Vulnerability Scanner) is an automated web application security testing tool. It can scan any website or web application that is accessible through a web browser and follows HTTP/HTTPS rules. In China it is commonly referred to as WVS.

Create a new scan task here and fill in the address to be scanned.

Here you can choose a single scan or the default scan. If you have already determined that a certain risk exists, a single scan is the better choice; otherwise, choose the default.

AWVS automatically detects the banner and system of the target website. This is very important for the testing that follows. Select a scripting language below.

Here you can choose whether to scan in logged-in mode. Compared with a scan that has no login permissions, a logged-in scan goes deeper. There are two login methods below: one loads a login process at each login, the other logs in automatically. The first is recommended. With it you can log in with different accounts, and because different accounts have different permissions, this gives the scan more possibilities.

After selecting the first login method, we enter the page for creating a login file. After logging in, select any page element, then log out, and choose Finish.

The scanning interface is very clear; click on it to see the current scan progress and real-time results.

When the scan is over, click Report to generate an electronic report.

The report contains the results of all detections, a detailed description of each vulnerability risk, and suggested workarounds. It is convenient and easy to understand, but tools cannot replace people. As a qualified security professional, you must test each finding yourself, revise the report, and produce a new one.

Some other functions of this tool are also very powerful, such as the directory listing function, which accurately presents the directory structure of the target website and makes subsequent work easier.

Subdomain scanning connects from its own DNS to the target's DNS and checks its cache to find the subdomains under the first-level domain name. This method is quite accurate. It can open a way in for the penetration test, and sometimes even banners are found.

Different websites require different scan configurations, for example the scan depth and the timeout period; these are not covered in detail here.

 

 

2. WebInspect (Enterprise class leak

HP WebInspect provides fast scanning capabilities, broad security assessment coverage, and accurate web application security scan results. It can identify many security vulnerabilities that cannot be detected by traditional scanners. With innovative assessment techniques such as simultaneous crawl and audit (SCA) and concurrent application scans, you can automate web application security testing and web service security testing quickly and accurately. WebInspect is the most accurate and comprehensive automated web application and web service vulnerability assessment solution.

Using WebInspect, security professionals and compliance auditors can quickly and easily analyze numerous web applications and web services in their own environment. WebInspect is the only product that is maintained and updated daily by the world's leading web security experts. These solutions are specifically designed to assess potential security vulnerabilities and provide all the information needed to fix them.

WebInspect brings the latest assessment technology in a web application security product that can adapt to any enterprise environment. When you start a vulnerability assessment, WebInspect's "assessment agents" are able to analyze all areas of your web application. When these agents complete the assessment, all findings are automatically aggregated in a core security engine for analysis. After that, WebInspect starts the audit engine, evaluates the collected information, and applies attack algorithms to find vulnerabilities and determine their severity. In this way, WebInspect can continuously use the appropriate assessment resources to suit your specific application environment.



Just select the basic scan. For the convenience of the demonstration, the scan wizard is selected first.


Select the website to be scanned, and it will be detected automatically.


The live website interface will be displayed.


Here you select the scan type and scan depth, similar to AWVS.


A login process file is recorded here. The configuration is similar to AWVS, but it is stored as a video.

As with AWVS, reports can be generated easily afterwards. The computer used here (8G+250SSD) was not powerful enough and stayed stuck at this step for a long time, so anyone who wants to run it must consider the configuration of their computer.


Several small tools are not only convenient but, when tested, proved extremely accurate and almost error-free. The first discovers banners and script types.
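Banner and script-type discovery, both here and in the AWVS section, works from what the server volunteers in its responses. The following Python check is an added example (not from the original article or from any of the three products) that audits a response head for that kind of disclosure; the header list, cookie-name hints and both sample responses are constructed assumptions.

```python
import re

# Assumed for this example: headers and default cookie names that reveal product or language.
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "x-generator")
COOKIE_HINTS = {"phpsessid": "PHP", "jsessionid": "Java", "asp.net_sessionid": "ASP.NET"}
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")

# Constructed sample response heads (not captured from a real site).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.18 (Ubuntu)\r\n"
    "X-Powered-By: PHP/5.6.40\r\n"
    "Set-Cookie: PHPSESSID=abc123; path=/\r\n"
    "Content-Type: text/html\r\n\r\n"
)
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "Set-Cookie: sid=abc123; path=/; HttpOnly\r\n"
    "Content-Type: text/html\r\n\r\n"
)

def parse_headers(raw):
    """Return (lowercased name, value) pairs from a raw HTTP response head."""
    head = raw.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit_banners(raw):
    """List (header, issue, evidence) for each banner or script-type leak."""
    findings = []
    for name, value in parse_headers(raw):
        if name in BANNER_HEADERS:
            if VERSION_RE.search(value):
                findings.append((name, "version disclosed", value))
            elif name != "server":  # a bare product name in Server is tolerated
                findings.append((name, "technology disclosed", value))
        elif name == "set-cookie":
            cookie = value.split("=", 1)[0].strip().lower()
            if cookie in COOKIE_HINTS:
                findings.append((name, "script type: " + COOKIE_HINTS[cookie], cookie))
    return findings

if __name__ == "__main__":
    print(*audit_banners(SAMPLE_RESPONSE), sep="\n")
```

Running the same check against your own site before and after hardening shows how much less a scanner's fingerprinting step has to work with.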


Cracking login accounts and passwords depends mainly on how strong and specialized the dictionary at hand is. The cracking speed is very fast.


This is a small tool for host port discovery: it finds hosts that have the specified ports open so that they can be used.




 

3. AppScan

Perform automated Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) for modern web applications and services. A comprehensive JavaScript execution engine supporting Web 2.0, JavaScript and AJAX frameworks. SOAP and REST web services testing covering XML and JSON infrastructure supports the WSSecurity standard, XML encryption, and XML signing. Detailed vulnerability announcements and remediation suggestions. Over 40 compliance reports, including Payment Card Industry Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), ISO 27001 and ISO 27002, and Basel II.





Selecting Scan Now takes you to the expert evaluation option, which performs host discovery and scanning with the default configuration.


Configure the scan here, choosing the scan settings that best match your test.


Because the tool has very strict requirements for the scanning process, the scan takes a long time.


The analysis of the results is very detailed, down to the problems in the code, and professional consulting services can be provided. It can be called a lightweight scanning powerhouse.



The download addresses of the three scanners and crackers are given below

Awvs:http://pan.baidu.com/s/1dFcCSpV

WebInspect:http://pan.baidu.com/s/1nvxvuJn

AppScan:http://pan.baidu.com/s/1dELbZ81

 

http://blog.csdn.net/pygain/article/details/52729266
