ScanEx vBeta - Scanning for iFrame and Script Injections

In: Configurations checks , ScanEx , Vulnerability Scanner

11 September 2009

This is a simple utility which runs against target site and look for external references and cross domain malicious injections.

There are several vulnerable sites which get manipulated with these types of injections and compromised. The site gets registered with stopbadware and other databases as well. This tool helps in doing initial scanning to look from obvious injections. At this point it is looking into iframe and script tags as defined in regex file.

This is beta version of the toolkit and it is in the development phase.

Post scriptum

Download ScanEx vBeta

Compliance Mandates

Vulnerability Scanner :
PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

Configurations checks	10 May 2010 : WebTest 1.2.1 - Testing Web Application with Python 1 May 2010 : Lansweeper v4.0 released 1 May 2010 : Sysinternal AccessChk v5.0 released 1 May 2010 : Spiceworks v4.7 build 50667 released 28 April 2010 : NSIA (Network System Integrity Analysis) v0.8.99 released
ScanEx	11 September 2009 : ScanEx vBeta - Scanning for iFrame and Script Injections
Vulnerability Scanner	12 May 2010 : Complemento v0.7.6 - Collection of Tools 10 May 2010 : SQLNinja v0.2.5 released! 26 April 2010 : Acunetix WVS v6.5 build 20100419 released 22 April 2010 : OpenSCAP v0.5.9 released 20 April 2010 : Sandcat v4.0 released