SandCat Web Scanner 3.3 available

Sandcat provides more than 30,000 security checks for all leading web server platforms

 Provides over 260 web application security checks, covering over 38 types of web security attacks — a target server can be local or remote
 Crawls web sites and detects cross-site scripting, directory transversal problems, attempts to execute commands and multiple other attacks
 Scans web servers for the SANS Top Twenty (C1), the OWASP Top 10 and the OWASP PHP Top 5 vulnerabilities
 Allows to scan for specific vulnerabilities, such as Fault Injection, SQL Injection and XSS (Cross-Site Scripting) vulnerabilities
 Allows to define a range or list of IP addresses to be scanned
 Allows to define multiple start URLs
 Allows to perform destructive and non-destructive scans
 Allows to edit the crawling depth: maximum number of links per server, maximum links per page, maximum URL length and maximum response size and more
 Allows to create user signatures for detecting application vulnerabilities Prevents logout
 Tests intrusion detection systems
 Exploits AJAX-based web applications
 Supports host authentication (basic and web form authentication)
 Supports OSVDB, NVD, CVE and CWE
 Stores and allows you to view the HTTP request and response for each successful test
 Automatically discovers and analyzes the server’s configuration to determine which tests are needed
 Analyzes robots.txt file and javascript
 Includes a Baseline Security Scanner — ensures security against outdated server software
 Expansion Tools - Sandcat® Log Analyzer and Sandcat® Hardener