Sunday, January 08, 2012

Arachni

Arachni is a high-performance (Open Source) Web Application Security Scanner Framework written in Ruby.

This version includes lots of goodies, including:
 * A new light-weight RPC implementation (No more XMLRPC)
 * High Performance Grid (HPG) -- Combines the resources of multiple nodes for lightning-fast scans
 * Updated WebUI to provide access to HPG features and context-sensitive help
 * New plugins
   * ReScan — It uses the AFR report of a previous scan to extract the sitemap in order to avoid a redundant crawl.
   * BeepNotify — Beeps when the scan finishes.
   * LibNotify — Uses the libnotify library to send notifications for each discovered issue and a summary at the end of the scan.
   * EmailNotify — Sends a notification (and optionally a report) over SMTP at the end of the scan.
   * Manual verification — Flags issues that require manual verification as untrusted in order to reduce the signal-to-noise ratio.
   * Resolver — Resolves vulnerable hostnames to IP addresses.
 * Accuracy improvements and bugfixes for the XSS, SQL Injection and Path Traversal modules
 * New report formats (JSON, Marshal, YAML)
 * Cygwin package for Windows

For a more detailed walk-through of what's new check-out:
http://trainofthought.segfault.gr/2012/01/07/arachni-v0-4-is-out/

Details at:  http://arachni.segfault.gr/latest
ChangeLog:   http://arachni.segfault.gr/latest#v0.4

Homepage:       http://arachni.segfault.gr
Github page:    http://github.com/zapotek/arachni
Documentation:  http://github.com/Zapotek/arachni/wiki
Google Group:   http://groups.google.com/group/arachni
Author:         Tasos "Zapotek" Laskos
Twitter:        http://twitter.com/Zap0tek
Copyright:      2010-2012
License:        GNU General Public License v2

Posted via email from Jasper-Net