Penetration Testing
Arachni v0.4 has been released (Open Source Web Application Security Scanner Framework) Jan 07 2012 06:49AM
Tasos Laskos (tasos laskos gmail com)
Hi guys,

This is just to let you know that there's a new version of Arachni.

Arachni is a high-performance (Open Source) Web Application Security
Scanner Framework written in Ruby.

This version includes lots of goodies, including:
* A new light-weight RPC implementation (No more XMLRPC)
* High Performance Grid (HPG) -- Combines the resources of multiple
nodes for lightning-fast scans
* Updated WebUI to provide access to HPG features and
context-sensitive help
* New plugins
* ReScan ? It uses the AFR report of a previous scan to extract the
sitemap in order to avoid a redundant crawl.
* BeepNotify ? Beeps when the scan finishes.
* LibNotify ? Uses the libnotify library to send notifications for
each discovered issue and a summary at the end of the scan.
* EmailNotify ? Sends a notification (and optionally a report) over
SMTP at the end of the scan.
* Manual verification ? Flags issues that require manual
verification as untrusted in order to reduce the signal-to-noise ratio.
* Resolver ? Resolves vulnerable hostnames to IP addresses.
* Accuracy improvements and bugfixes for the XSS, SQL Injection and
Path Traversal modules
* New report formats (JSON, Marshal, YAML)
* Cygwin package for Windows

For a more detailed walk-through of what's new check-out:

Details at:

Github page:
Google Group:
Author: Tasos "Zapotek" Laskos
Copyright: 2010-2012
License: GNU General Public License v2

All available installation options and usage instructions can be found
in the homepage and the GitHub page.

I hope that you find it useful.

If you run into any problems or want to make a suggestion or feature
request the following pages will allow you to do so:

Tasos "Zapotek" Laskos.


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus