Search Results for "project"

...This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

O Uniscan é um scanner de vulnerabilidade para aplicações Web, escrito em Perl para o ambiente Linux. Ele foi desenvolvido como trabalho de conclusão do curso de ciência da computação da Universidade Federal do Pampa e está licenciado sob a GNU General Public License 3.0 (GPL 3) .

Cake Fuzzer is an open-source project meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently, it is implemented to support the Cake PHP framework. Cake Fuzzer is based on the concept of Interactive Application Security Testing (IAST). The goals of the project are: - create an automated process of discovering vulnerabilities in applications based on the CakePHP Framework; - no application knowledge requirement or pre-configuration of the web application; - result with minimal or close to 0 amount of false positives; - require minimal security knowledge to run the scanner.

The Nessus vulnerability scanner does a great job finding vulnerabilities but not such a great job reporting. This project loads the scan results in a database in order to facilitate the reporting.