'vulnerability scanner'에 해당되는 글 2건

  1. 2011.09.20 wavsep: Web Application Vulnerability Scanner Evaluation Project
  2. 2010.10.12 SiVuS - VoIP vulnerability scanner
2011. 9. 20. 18:58

wavsep: Web Application Vulnerability Scanner Evaluation Project

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. 

This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.

Additional information can be found in the developer's blog: http://sectooladdict.blogspot.com/

Project WAVSEP currently includes the following test cases:


  • Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
  • Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST )
  • Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST )
  • Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST )

False Positives:

  • 7 different categories of false positive Reflected XSS vulnerabilities (GET & POST )
  • 10 different categories of false positive SQL Injection vulnerabilities (GET & POST)

Additional Features:

  • A simple web interface for accessing the vulnerable pages
  • Sample detection & exploitation payloads for each and every test case
  • Database connection pool support, ensuring the consistency of scanning results

Although some of the test cases are vulnerable to additional exposures, the purpose of each test case is to evaluate the detection accuracy of one type of exposure, and thus, “out of scope” exposures should be ignored when evaluating the accuracy of vulnerability scanners.

출처 : http://code.google.com/p/wavsep/

Trackback 0 Comment 0
2010. 10. 12. 11:12

SiVuS - VoIP vulnerability scanner


Download: need to be registered

Licence: free

DescriptionSiVuS is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations and it is used by VoIP product vendors, security consultants, network architects, researchers and students. We encourage our community to provide us with feedback so we can enhance the current implementation and support the efforts to strengthen the security of VoIP networks.

Sivus does not support MGCP and H.323 scanning.



1. SIP Components discovery

In the field "Target network" put the IP range which will be scanned, than press SCAN button.

The format in the target network field should be:

  • – a single IP address to scan.
  •,, – scan three IP addresses (note that each address is separated by a comma)
  • – scan the entire C-class
  • – scan hosts between 13 and 15 inclusively
  • 192.168.2-10.1-5 – scan the B class between subnets 2 and 10 and hosts 1 through 5

We may choose three transport protocol types to scan open ports usuallu uesd by SIP and it is UDP, TCP, TLS.


The result of the scan is described inside central window:

2. Vulnerability scanning

 Select host or hosts and click on Export to send IP address of the host into SCanner Control Panel. Then choose SIP scanner tabs and next Scanner configuration. Set up scanning options.

Part "User information configuration" can be used setup user informations used inside SIP messages during scanning. The SIVUS guide recommends that a test user is defined as the recipient of these messages (calls) in order to minimize user annoyance in a production network.

Trackback 0 Comment 0