Web Application Vulnerability & Security Checks

A web application vulnerability and security scanner will detect the following security issues in a web application. To afford your web application the maximum degree of protection, the scanner checks for numerous vulnerabilities and deviations from security best practice.

  • SQL Injection 
  • XSS (Cross-site Scripting)
  • Command Injection
  • Blind Command Injection
  • Local File Inclusions & Arbitrary File Reading
  • Remote File Inclusions
  • Remote Code Injection / Evaluation
  • CRLF / HTTP Header Injection / Response Splitting
  • Open Redirection
  • Frame Injection
  • Database User Has Admin Privileges
  • Vulnerability Database (Inferred vulnerabilities)
  • ASP.NET ViewState Vulnerabilities
  • ViewState is not Signed
  • ViewState is not Encrypted
  • Web Backdoor Identified
  • TRACE / TRACK Method Support Enabled
  • XSS Protection Disabled
  • ASP.NET Debugging Enabled
  • ASP.NET Trace Enabled
  • Backup Files Accessible
  • Apache Server-Status and Apache Server-Info pages Accessible
  • Hidden Resources Accessible
  • Crossdomain.xml File Vulnerable
  • Robots.txt File Vulnerable
  • Google Sitemap Vulnerable
  • Silverlight Client Access Policy File Vulnerable
  • CVS, GIT and SVN Information and Source Code Disclosure
  • PHPInfo() Pages Accessible and PHPInfo() Disclosure in other Pages
  • Sensitive Files Accessible
  • Redirect Response BODY Is Too Large 
  • Redirect Response BODY Has Two Responses
  • Insecure Authentication Scheme Used Over HTTP
  • Password Transmitted over HTTP 
  • Password Form Served over HTTP
  • Authentication Obtained by Brute Forcing 
  • Basic Authentication Obtained over HTTP 
  • Weak Credentials 
  • E-mail Address Disclosure 
  • Internal IP Disclosure 
  • Directory Listing
  • Version Disclosure
  • Internal Path Disclosure
  • Access Denied Resources
  • MS Office Information Disclosure
  • Auto Complete Enabled 
  • MySQL Username Disclosure 
  • Default Page Identified
  • Cookies are not marked as Secure
  • Cookies are not marked as HttpOnly
  • Stack Trace Disclosure
  • Programming Error Message Disclosure
  • Database Error Message Disclosure
  • Application Source Code Disclosure