0x01 Introduction
Netsparker is an easy-to-use Web application vulnerability scanning tools, you can crawl, attack and identify the presence of a variety of Web applications vulnerabilities. To identify Web application vulnerabilities including SQL injection, XSS (cross-site scripting), command injection, local file inclusion and read arbitrary files, remote file inclusion, frame injection, internal path information disclosure.
Unlike other vulnerability scanner, Netsparker has a relatively low false alarm rate, as Netsparker perform several tests to confirm that any identified vulnerabilities. It also has a JavaScript engine that can parse, analyze and execute JavaScript and VBScript output Web applications use. Therefore, Netsparker can successfully crawl and fully understand the site (using a different AJAX frameworks, custom code, or well-known frameworks such as jQuery).
0x02 Download
Download: Link: https://pan.baidu.com/s/1vkFGeQ-Bcf-_PsT5008nFw extraction code: i5hc
Installation: Installation Netsparker must .net 4.7.2 and above frame installation
Netsparker support safety tests include
- SQL Injection
- XSS (cross site scripting)
- DOM XSS
- Command injection
- Blind command injection
- Local file contains any file and read
- Remote File Inclusion
- Remote code injection / evaluation
- CRLF / HTTP header injection / response splitting
- Open redirects
- Frame injection
- Database user with administrator privileges
- Vulnerability - Database (inferred vulnerability)
- ViewState Unsigned
- ViewState unencrypted
- Network backdoor
- TRACE / TRACK Method Support Enabled
- Disable XSS protection
- ASP.NET debugging is enabled
- ASP.NET tracking is enabled
- Backup files accessible
- Apache Server-Status accessible and Apache Server-Info page
- Hidden resources accessible
- Vulnerable Crossdomain.xml file
- Vulnerable Robots.txt file
- Google Sitemap vulnerable
- 应用程序源代码披露
- Silverlight客户端访问策略文件易受攻击
- CVS,GIT和SVN信息和源代码披露
- PHPInfo()页面可访问和PHPInfo()在其他页面中的公开
- 敏感文件可访问
- 重定向响应BODY太大
- 重定向响应BODY有两个响应
- 通过HTTP使用的不安全认证方案
- 密码通过HTTP传输
- 密码表格通过HTTP服务
- 通过暴力强制获得的身份验证
- 通过HTTP获得基本身份验证
- 弱证书
- 电子邮件地址披露
- 内部知识产权披露
- 目录列表
- 版本披露
- 内部路径披露
- 访问被拒绝的资源
- MS Office信息披露
- 自动完成启用
- MySQL用户名披露
- 默认页面安全性
- Cookie未标记为安全
- Cookie未标记为HTTPOnly
- 堆栈跟踪披露
- 编程错误消息披露
- 数据库错误消息披露