We first wrote about Sandcat here. It has been one of our favourite web scanners for a long time now, and it feels great to have the new and updated Sandcat version 3.9.3. It can now run JavaScript and automatically interact with web pages. Sandcat is the most advanced fault-injection testing tool for web applications, and it focuses on the Open Web Application Security Project (OWASP) and the top SANS vulnerabilities.

UPDATE: Sandcat 3.9.3!

These are the new features in Sandcat:
Modern Browser Emulation – Improved support for HTML 5. The new version also expands the browser emulation feature set by adding new HTTP and SSL/TLS options, Socks support and additional authentication options.
Improved Defense Evasion – Added new filter evasion techniques (UTF8-Decode and others). Version 3.9 also includes additional WAF and IDS evasion techniques, targeting mod_security and PHP-IDS.
New Extensions – Improved Session Manager, User-Agent Changer, new Vulnerability Search screen.
And more – Support for NBE (the Nessus BackEnd report format), the ability to import and export string lists from and to files, and command-line support and scan scheduling capabilities added to the newly introduced Session Launcher tool.
Web 2.0 compatible – Sandcat offers the degree of flexibility and versatility required to support any web environment, anywhere. It has been designed to intelligently handle complex, large web sites and automatically adapt to different web environments and technologies.

Download Sandcat version 3.9.3 here!
