N-Stalker Web Application Security Scanner无限制版本是一套专门供WEB安全研究顾问针对Web安全评估的解决方案, 集成了著名的N-Stealth Http Security Scanner引擎和高达39000个Web攻击签名数据库,以及申请专利的面向组件Web应用程序安全评估技术. N-Stalker可以说是开发人员,系统安全管理人员,IT审计人员必备的安全工具.可以检测出包括Code Injection, Cross-Site Scripting, OWASP Top10, Web Server Vulnerabilities, 3rd-party Packages Vulnerabilities等的众多漏洞威胁:
more
- Custom Design Errors Cross-site Script Injection Module 跨站脚本注入
- Database Tampering – SQL Injection Module, including:
- Buffer & Integer Overflow attack Module
- Format String attack Module
- File & Directories Tampering Module
- Parameter Tampering Module, including:
- Special Parameter Addition attacks
- LDAP, XPath, XQuery injections
- Boolean Parameter Tampering attacks
- Hidden Parameter Discovery
- Parameter Deletion attacks
- Remote Execution attacks
- File &