Penetration Testing
Arachni v0.4 has been released (Open Source Web Application Security Scanner Framework) Jan 07 2012 06:49AM
Tasos Laskos (tasos laskos gmail com)
Hi guys,

This is just to let you know that there's a new version of Arachni.

Arachni is a high-performance (Open Source) Web Application Security
Scanner Framework written in Ruby.

This version includes lots of goodies, including:
* A new light-weight RPC implementation (No more XMLRPC)
* High Performance Grid (HPG) -- Combines the resources of multiple
nodes for lightning-fast scans
* Updated WebUI to provide access to HPG features and
context-sensitive help
* New plugins
* ReScan ? It uses the AFR report of a previous scan to extract the
sitemap in order to avoid a redundant crawl.
* BeepNotify ? Beeps when the scan finishes.
* LibNotify ? Uses the libnotify library to send notifications for
each discovered issue and a summary at the end of the scan.
* EmailNotify ? Sends a notification (and optionally a report) over
SMTP at the end of the scan.
* Manual verification ? Flags issues that require manual
verification as untrusted in order to reduce the signal-to-noise ratio.
* Resolver ? Resolves vulnerable hostnames to IP addresses.
* Accuracy improvements and bugfixes for the XSS, SQL Injection and
Path Traversal modules
* New report formats (JSON, Marshal, YAML)
* Cygwin package for Windows

For a more detailed walk-through of what's new check-out:
http://trainofthought.segfault.gr/2012/01/07/arachni-v0-4-is-out/

Details at: http://arachni.segfault.gr/latest
ChangeLog: http://arachni.segfault.gr/latest#v0.4

Homepage: http://arachni.segfault.gr
Github page: http://github.com/zapotek/arachni
Documentation: http://github.com/Zapotek/arachni/wiki
Google Group: http://groups.google.com/group/arachni
Author: Tasos "Zapotek" Laskos
Twitter: http://twitter.com/Zap0tek
Copyright: 2010-2012
License: GNU General Public License v2

All available installation options and usage instructions can be found
in the homepage and the GitHub page.

I hope that you find it useful.

If you run into any problems or want to make a suggestion or feature
request the following pages will allow you to do so:
https://github.com/Zapotek/arachni/issues
http://groups.google.com/group/arachni

Cheers,
Tasos "Zapotek" Laskos.

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus