We were actually waiting for a release of this scanner since the day a paper about it was presented at ISECLAB. SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities
As the web popularity increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. For example, there has been extensive press coverage of recent security incidences involving the loss of sensitive credit card information belonging to millions of customers.
Web application security vulnerabilities result from generic input validation problems. Examples of such vulnerabilities are SQL injection and Cross-Site Scripting (XSS). Although the majority of web vulnerabilities are easy to understand and to avoid, many web developers are, unfortunately, not security aware. As a result, there exist many web sites on the web that are vulnerable to such attacks.
SecuBat is specially built for web based SQL injection attacks. Using SecuBat we need to have some or basic knowledge of SQL injection techniques which we can customize and use it for web application audit or attack. Source code for SecuBat is also available for development, though it will be released at a later date.
Download SecuBat version 0.5 here
Searches leading to this post:top 10 web vulnerability scanner, best web vulnerabilities scan download, download secubat, open source web vulnerability scanner, Top 10 Web Vulnerability Scanners 2010
You must log in to post a comment.