Saturday 13 September 2014

Web Application Penetration Testing Tool 1

Arachni
Arachni is a full-featured, modular, high-performance Ruby framework aimed at helping penetration testers and administrators evaluate the security of web applications.

Arachni is smart: it trains itself by learning from the HTTP responses it receives during the audit process.

Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application’s cyclomatic complexity. This way, attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.

Finally, Arachni yields great performance due to its asynchronous HTTP model (courtesy of Typhoeus). Thus, you’ll only be limited by the responsiveness of the server under audit and your available bandwidth.

Note: Despite the fact that Arachni is mostly targeted towards web application security, it can easily be used for general-purpose scraping, data mining, etc. with the addition of custom modules.

Sounds cool, right?
Features:

Helper audit methods:
For auditing forms, links and cookies.
A wide range of injection strings/input combinations.
Writing RFI, SQL injection, XSS, etc. modules is a matter of minutes, if not seconds.
Currently available modules:

Audit:
SQL injection
Blind SQL injection using rDiff analysis
Blind SQL injection using timing attacks
CSRF detection
Code injection (PHP, Ruby, Python, JSP, ASP.NET)
Blind code injection using timing attacks (PHP, Ruby, Python, JSP, ASP.NET)
LDAP injection
Path traversal
Response splitting
OS command injection (*nix, Windows)
Blind OS command injection using timing attacks (*nix, Windows)
Remote file inclusion
Unvalidated redirects
XPath injection
Path XSS
URI XSS
XSS
XSS in event attributes of HTML elements
XSS in HTML tags
XSS in HTML ‘script’ tags

Recon:
Allowed HTTP methods
Back-up files
Common directories
Common files
HTTP PUT
Insufficient Transport Layer Protection for password forms
WebDAV detection
HTTP TRACE detection
Credit Card number disclosure
CVS/SVN user disclosure
Private IP address disclosure
Common backdoors
.htaccess LIMIT misconfiguration
Interesting responses
HTML object grepper
E-mail address disclosure
US Social Security Number disclosure
Forceful directory listing

http://www.arachni-scanner.com/
