Arachni is a high-performance (Open Source) Web Application Security Scanner Framework written in Ruby.This version includes lots of goodies, including:
* A new light-weight RPC implementation (No more XMLRPC)
* High Performance Grid (HPG) -- Combines the resources of multiple nodes for lightning-fast scans
* Updated WebUI to provide access to HPG features and context-sensitive help
* New plugins
* ReScan — It uses the AFR report of a previous scan to extract the sitemap in order to avoid a redundant crawl.
* BeepNotify — Beeps when the scan finishes.
* LibNotify — Uses the libnotify library to send notifications for each discovered issue and a summary at the end of the scan.
* EmailNotify — Sends a notification (and optionally a report) over SMTP at the end of the scan.
* Manual verification — Flags issues that require manual verification as untrusted in order to reduce the signal-to-noise ratio.
* Resolver — Resolves vulnerable hostnames to IP addresses.
* Accuracy improvements and bugfixes for the XSS, SQL Injection and Path Traversal modules
* New report formats (JSON, Marshal, YAML)
* Cygwin package for WindowsFor a more detailed walk-through of what's new check-out:
http://trainofthought.segfault.gr/2012/01/07/arachni-v0-4-is-out/ Details at: http://arachni.segfault.gr/latest
ChangeLog: http://arachni.segfault.gr/latest#v0.4Homepage: http://arachni.segfault.gr
Github page: http://github.com/zapotek/arachni
Documentation: http://github.com/Zapotek/arachni/wiki
Google Group: http://groups.google.com/group/arachni
Author: Tasos "Zapotek" Laskos
Twitter: http://twitter.com/Zap0tek
Copyright: 2010-2012
License: GNU General Public License v2
* A new light-weight RPC implementation (No more XMLRPC)
* High Performance Grid (HPG) -- Combines the resources of multiple nodes for lightning-fast scans
* Updated WebUI to provide access to HPG features and context-sensitive help
* New plugins
* ReScan — It uses the AFR report of a previous scan to extract the sitemap in order to avoid a redundant crawl.
* BeepNotify — Beeps when the scan finishes.
* LibNotify — Uses the libnotify library to send notifications for each discovered issue and a summary at the end of the scan.
* EmailNotify — Sends a notification (and optionally a report) over SMTP at the end of the scan.
* Manual verification — Flags issues that require manual verification as untrusted in order to reduce the signal-to-noise ratio.
* Resolver — Resolves vulnerable hostnames to IP addresses.
* Accuracy improvements and bugfixes for the XSS, SQL Injection and Path Traversal modules
* New report formats (JSON, Marshal, YAML)
* Cygwin package for WindowsFor a more detailed walk-through of what's new check-out:
http://trainofthought.segfault.gr/2012/01/07/arachni-v0-4-is-out/ Details at: http://arachni.segfault.gr/latest
ChangeLog: http://arachni.segfault.gr/latest#v0.4Homepage: http://arachni.segfault.gr
Github page: http://github.com/zapotek/arachni
Documentation: http://github.com/Zapotek/arachni/wiki
Google Group: http://groups.google.com/group/arachni
Author: Tasos "Zapotek" Laskos
Twitter: http://twitter.com/Zap0tek
Copyright: 2010-2012
License: GNU General Public License v2