Penetration Testing
Arachni v0.4.6-0.4.3 has been released (Open Source Web Application Security Scanner Framework) Jan 01 2014 06:01PM
Tasos Laskos (tasos laskos gmail com)
Hey folks,

There's a new version of Arachni, an Open Source, modular and
high-performance Web Application Security Scanner Framework written in Ruby.

Brief list of changes:

* Massively decreased RAM consumption.
* Amount of performed requests cut down by 1/3 -- and thus 1/3 decrease in scan times.
* Overhauled timing attack and boolean/differential analysis algorithms to fix
SQLi false-positives with misbehaving webapps/servers.
* Vulnerability coverage optimizations with 100% scores on WAVSEP's tests for:
* SQL injection
* Local File Inclusion
* Remote File Inclusion
* Non-DOM XSS -- DOM XSS not supported until Arachni v0.5.

* Implemented Scan Scheduler with support for recurring scans.
* Redesigned Issue table during the Scan progress screen, to group
and filter issues by type and severity.

For more details about the new release please visit:

Download page:

Homepage -
Blog -
Documentation -
Support -
GitHub page -
Code Documentation -
Author - Tasos "Zapotek" Laskos (
Twitter -
Copyright - 2010-2014 Tasos Laskos
License - Apache License v2

Tasos Laskos.


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus