Netsparker® can find and report security issues such as SQL Injection and Cross-site Scripting (XSS) in web applications regardless of the platform and technology they are built on. Netsparker's detection and exploitation techniques are designed to make its reporting accurate, and it is marketed as the first and only False Positive Free web application security scanner.

List of vulnerability checks:

SQL Injection
Netsparker can detect different kinds of SQL Injection, including Error Based, Blind and Time Based SQL Injection. The SQL Injection engine is comprehensive and can detect Blind SQL Injection even in complicated queries. After identifying the vulnerability, Netsparker carries out extra checks to determine whether the database user used by the application has administrative privileges; if so, it reports a separate issue called "Database User Has Admin Privileges".

XSS (Cross-site Scripting)
Netsparker identifies Permanent/Stored and Reflected Cross-site Scripting. Cross-site Scripting issues can be identified in parameters or in the URL. It carries out several different attacks to bypass known and custom weak protections.

XSS (Cross-site Scripting) via Remote File Injection
Netsparker detects whether an attacker can make the page load a remote file in order to execute JavaScript in the current page. This can be used to carry out ordinary Cross-site Scripting attacks.

XSS (Cross-site Scripting) in URLs
Netsparker detects Cross-site Scripting issues in URLs. This is common in websites using URL rewriting and PHP.

Local File Inclusion & Arbitrary File Reading
Netsparker detects Local File Inclusion and Arbitrary File Reading issues, i.e. whether an attacker can read files and source code from the server. It supports Windows and *nix systems and carries out advanced checks: it uses process directories (/proc on Linux), Null byte injection, dynamic file extension replacement and many other methods to bypass weak filters and blacklists.
It also checks whether a Local File Inclusion can be turned into remote command execution by injecting code into log files that the application can then include, and it has exploitation features for Local File Inclusion.

Remote File Inclusion
Netsparker detects whether the application is vulnerable to Remote File Inclusion, which allows an attacker to include a remote file and execute code on the server. Netsparker carries out several dynamic requests and tries to bypass many weak protections and blacklists.

Remote Code Injection / Evaluation
Netsparker detects whether the application evaluates or executes supplied input through a dangerous call such as eval(). This is a very dangerous vulnerability: an attacker can use it to execute code on the server.

OS Level Command Injection
Netsparker detects whether an attacker can inject OS commands via the web application and execute them on the server. This vulnerability can allow an attacker to gain full control of the server and the web application.

CRLF / HTTP Header Injection / Response Splitting
Netsparker detects CRLF injection issues in web applications. This issue can cause many problems; the most common are Cross-site Scripting and session hijacking by way of a session fixation attack (an injected Set-Cookie header).

Find Backup Files
Netsparker tries to find backup and temporary files on the target website by using crawled file names and well-known names, and identifies whether the problem leads to source code disclosure.

Crossdomain.xml Analysis
Netsparker detects and analyses crossdomain.xml files for problems such as an open access policy. To exploit this problem the attacker needs to target an authenticated user of the website; the attacker can then read the user's private messages or carry out actions as that user. If crossdomain.xml has an open policy, the attacker can read the victim's pages cross-origin and so bypass any CSRF protection based on nonces or CSRF tokens.
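To make the open-policy check concrete, here is an added example (not Netsparker's code) that parses a crossdomain.xml body and flags the conditions described above: a wildcard `domain="*"`, a wildcard-subdomain entry, `secure="false"` (which lets an HTTP-served client read an HTTPS policy) and a wildcard on `allow-http-request-headers-from`. The XML documents are constructed for illustration.

```python
"""Analyse a crossdomain.xml body for an open access policy.

Added example, not Netsparker's code. The sample policies below are
constructed, not taken from any real site.
"""
import xml.etree.ElementTree as ET


def analyse_crossdomain(xml_text):
    """Return a list of finding strings for one crossdomain.xml document."""
    findings = []
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return ["Not a cross-domain-policy document"]

    for el in root.iter("allow-access-from"):
        domain = el.get("domain", "")
        if domain == "*":
            # Any origin may load the site's responses with the victim's
            # cookies attached, which includes pages carrying CSRF tokens.
            findings.append("Open access policy: any origin may read responses (CSRF tokens included)")
        elif domain.startswith("*."):
            # Every host under the suffix is trusted, not just the site itself.
            findings.append(f"Wildcard domain trusted: {domain}")
        # secure defaults to true; "false" lets an HTTP-served client use
        # a policy served over HTTPS.
        if el.get("secure", "true").lower() == "false":
            findings.append(f'secure="false" on {domain or "(no domain)"}: HTTP origins may read an HTTPS policy')

    for el in root.iter("allow-http-request-headers-from"):
        if el.get("domain") == "*":
            findings.append("Any origin may send custom request headers")

    return findings


# Constructed sample policies.
OPEN_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>"""

STRICT_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="static.example" secure="true" />
</cross-domain-policy>"""


if __name__ == "__main__":
    for label, policy in (("open", OPEN_POLICY), ("strict", STRICT_POLICY)):
        print(label, analyse_crossdomain(policy))
```

A strict policy that names only the hosts that actually need Flash/Silverlight access produces no findings; a single `domain="*"` entry is enough to undo the site's CSRF protection for any user who can be lured to an attacker-controlled page.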
Finds and Analyses Potential Issues in Robots.txt
Netsparker detects and parses the links in robots.txt. If it identifies a potentially critical URL listed there, it reports the problem with details.

Finds and Analyses Google Sitemap Files
Netsparker detects and parses Google Sitemap files to increase crawl coverage, and informs the user that the sitemap file is accessible so they can confirm this is intended.

Detect TRACE / TRACK Method Support
Netsparker checks whether the TRACE / TRACK HTTP methods are supported and enabled by the web server.

Detect ASP.NET Debugging
Netsparker identifies whether ASP.NET debugging is enabled.

Detect ASP.NET Trace
Netsparker detects whether ASP.NET tracing is enabled and accessible. An attacker can use ASP.NET tracing output to access active users' sessions and gather information about the application and its structure.

Checks for CVS, GIT and SVN Information and Source Code Disclosure Issues
Netsparker detects files disclosed by source code versioning systems such as CVS, GIT and SVN. An attacker might exploit this to gain access to the source code of the application or to retrieve configuration and other important files.

Finds PHPInfo() Pages and PHPInfo() Disclosure in Other Pages
Netsparker attempts to find forgotten phpinfo files on the system and also reports phpinfo() output in any crawled page. Information disclosed by phpinfo() helps attackers learn more about the target system.

Finds Apache Server-Status and Server-Info Pages
Netsparker detects whether the Apache Server-Status or Server-Info pages are publicly accessible. Attackers can use them to gain more information about the target system, including hidden URLs and the URLs currently being visited.

Find Hidden Resources
Netsparker looks for hidden files and directories on the target website.
These include:
* Test files
* Management files and directories
* Known vulnerable files / scripts
For example, Netsparker will identify an "admin" directory even if it is not linked anywhere on the website.

Basic Authentication over HTTP
Netsparker reports if the server requests Basic Authentication over HTTP. An attacker positioned between the user and the website can carry out a man-in-the-middle (MITM) or sniffing attack to capture the user's password, since Basic credentials are only Base64-encoded.

Password Transmitted over HTTP
Netsparker identifies whether the website sends passwords over HTTP. As above, an attacker positioned between the user and the website can capture the password by MITM or sniffing.

Password Form Served over HTTP
Netsparker identifies whether a login form is served over HTTP while the target of the form is HTTPS. Many developers are not aware that this is a security issue, so Netsparker reports a detailed issue to ensure developers address it correctly. An attacker positioned between the user and the website can inject JavaScript into the HTTP page to steal the password before it reaches HTTPS, or can simply change the form's target to HTTP and steal the password that way.

Source Code Disclosure
Netsparker provokes the web server into disclosing source code where possible and determines whether the disclosure is due to a configuration problem, a security issue or just commented code. From disclosed source code an attacker can obtain hard-coded passwords, learn the logic of the application and gain more information about the system.

Auto Complete Enabled
Netsparker identifies whether autocomplete is left enabled on sensitive form fields such as credit card numbers. An attacker with access to the user's computer can read the autocomplete data cached by the browser.
This is especially critical if the website is used from public computers.

ASP.NET ViewState Analysis
Netsparker analyses ViewState related issues in ASP.NET pages.

ViewState is not Signed
Netsparker reports an issue if the ViewState in the page is not signed (no ViewState MAC). In this case an attacker can modify the contents of the ViewState to subvert the logic of the application or carry out other attacks.

ViewState is not Encrypted
Netsparker reports a vulnerability if the ViewState in the page is not encrypted. In this case an attacker can read the data within the ViewState simply by Base64-decoding it, which may leak sensitive information.

E-mail Address Disclosure
Netsparker identifies email addresses exposed on the website. This helps users see what kind of information they have exposed on the internet.

Internal IP Disclosure
Netsparker identifies Internal IP Disclosure issues, where a system exposes its internal network IP address.

Cookies are not marked as Secure
Netsparker reports an issue if cookies on an HTTPS website are not marked "Secure". Without the Secure flag the browser also sends the cookie over plain HTTP connections to the same host, so an attacker can capture it and use it to log in to the application.

Cookies are not marked as HttpOnly
Netsparker reports an issue if cookies are not marked "HttpOnly". JavaScript cannot read cookies marked HttpOnly, so a Cross-site Scripting attack cannot simply steal them via JavaScript. That does not make the application secure: Cross-site Scripting vulnerabilities must be fixed even when cookies are HttpOnly, since there are many other ways to exploit Cross-site Scripting. HttpOnly should be treated as a defence-in-depth measure and used wherever possible.

Directory Listing
Netsparker detects whether directory listing is enabled on the web server.
Directory listing allows attackers to see all files in a directory, gain more information, or download sensitive files from the target system.

Stack Trace Disclosure
Netsparker identifies whether the target application discloses stack traces. A stack trace leaks information about the internals of the application and may include sensitive data or clues about application logic.

Version Disclosure
Netsparker identifies version disclosure in HTTP headers and responses. It supports many frameworks, languages and web servers, such as Oracle, IIS, PHP, ASP.NET, Apache, Apache modules and JSP.

Access Denied Resources
Netsparker reports an informational issue when access to a requested resource is denied. This helps the user understand the design of the application and the resources that exist on the web server but are not publicly available.

Internal Path Disclosure
Netsparker identifies whether an application discloses internal paths related to the application or its configuration. This generally indicates a programming error and helps an attacker learn about the internals of the system; the information is useful when crafting an exploit for another identified vulnerability.

Programming Error Messages
Netsparker provokes the website into producing error messages and reports them. These errors have no direct security impact, but most of the time they indicate a programming error, a quality issue or a potential vulnerability. Many also leak information about the logic or implementation of the application, which can help an attacker identify or exploit other issues.

Database Error Messages
Netsparker provokes and reports database error messages leaked by the website.
If the problem is related to SQL Injection, a separate issue is raised; otherwise the finding informs the user that the application is giving away database error messages, which usually points to a programming error or a problem with database connectivity.
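Several of the checks listed above (cookies without Secure or HttpOnly, Basic Authentication over HTTP, password forms served over or posting to HTTP, version disclosure in headers) are passive: they need nothing more than one response. The following is an added example, not Netsparker's code, of how those passive checks can be implemented over a single captured response. The URL, headers and HTML are constructed sample data, and the version heuristic (a digit in a Server / X-Powered-By style header) is a simplification chosen for this example.

```python
"""Passive checks over one HTTP response: cookie flags, Basic auth over HTTP,
password forms and version disclosure.

Added example, not Netsparker's code. All sample input is constructed.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Headers that commonly carry a product version (heuristic list for this example).
VERSION_HEADERS = ("server", "x-powered-by", "x-aspnet-version")


def parse_set_cookie(value):
    """Return (cookie_name, set_of_lowercase_attribute_names) for a Set-Cookie value."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    flags = {p.split("=", 1)[0].lower() for p in parts[1:] if p}
    return name, flags


class _PasswordForms(HTMLParser):
    """Collect the action of every <form> that contains an <input type="password">."""

    def __init__(self):
        super().__init__()
        self._action = None
        self._has_password = False
        self.forms = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._action = a.get("action") or ""
            self._has_password = False
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self._has_password = True

    def handle_endtag(self, tag):
        if tag == "form" and self._action is not None:
            if self._has_password:
                self.forms.append(self._action)
            self._action = None


def check_response(url, headers, body):
    """headers: list of (name, value) pairs as received. Returns finding strings."""
    findings = []
    scheme = urlsplit(url).scheme

    for name, value in headers:
        lname = name.lower()
        if lname == "set-cookie":
            cookie, flags = parse_set_cookie(value)
            # Without Secure the browser also sends the cookie over plain HTTP.
            if scheme == "https" and "secure" not in flags:
                findings.append(f"Cookie not marked Secure: {cookie}")
            if "httponly" not in flags:
                findings.append(f"Cookie not marked HttpOnly: {cookie}")
        elif lname == "www-authenticate" and value.lower().startswith("basic") and scheme == "http":
            findings.append("Basic Authentication over HTTP")
        elif lname in VERSION_HEADERS and any(ch.isdigit() for ch in value):
            findings.append(f"Version disclosure: {name}: {value}")

    parser = _PasswordForms()
    parser.feed(body)
    for action in parser.forms:
        target = urlsplit(urljoin(url, action)).scheme
        if scheme == "http" and target == "https":
            findings.append(f"Password form served over HTTP, posts to HTTPS: {action}")
        elif target == "http":
            findings.append(f"Password transmitted over HTTP: {action or url}")
    return findings


# Constructed sample response: a login page served over plain HTTP.
SAMPLE_URL = "http://shop.example/login"
SAMPLE_HEADERS = [
    ("Server", "Apache/2.4.41 (Ubuntu)"),
    ("X-Powered-By", "PHP/7.4.3"),
    ("Set-Cookie", "PHPSESSID=abc123; Path=/"),
    ("Set-Cookie", "prefs=dark; Path=/; HttpOnly"),
]
SAMPLE_BODY = """<html><body>
<form action="https://shop.example/auth" method="post">
  <input name="user"><input name="pass" type="password">
</form>
<form action="/search"><input name="q"></form>
</body></html>"""


if __name__ == "__main__":
    for finding in check_response(SAMPLE_URL, SAMPLE_HEADERS, SAMPLE_BODY):
        print(finding)
```

Because the page is served over http://, the missing Secure flag is not reported (it only matters on HTTPS sites), while the missing HttpOnly flag on the session cookie, the two version headers and the HTTP-served login form that posts to HTTPS all are. The same function run against an HTTPS page reports the missing Secure flag as well.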
