[ZanGetsu]

WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote or local web applications for security vulnerabilities. As it is running, the details of the scan are updated dynamically for the user. These details include the status of the scan, the number of URLs found in the web application, the number of vulnerabilities encountered, and the details of the vulnerabilities encountered.

After a scan, a detailed PDF report will be emailed to the user. The report includes a description of vulnerabilities encountered, recommendations and details of where and how each vulnerability was exploited.

The vulnerabilities analyzed by WebVulScan are:
Reflected Cross-Site Scripting
Stored Cross-Site Scripting
Standard SQL Injection
Broken Authentication using SQL Injection
Autocomplete enabled in password fields
Potentially unsafe references to direct objects
Directory Listing Enabled
HTTP Disclosure Banner
SSL certificate unreliable
without validation Redirects
Features:
Crawler: A website is dragged to identify and display all the URLs that belong to the web page.
Scanner: A website is crawled and scans all URLs found for vulnerabilities.
Scan History: Allows the user to view or download PDF reports of previous scans that were performed.
Registration: Allows a user to register in the web application.
Login: Allows a user to log in to the web application.
Options: Allows the user to select which vulnerabilities they want to test (all are enabled by default).
Generation of PDF: dynamic generates a report in detailed PDF format.
Delivery report: The PDF report will be emailed to the user as an attachment.

Download