Saturday, September 21, 2013

Web Application Security Testing Platform - Websecurify

Websecurify :
                  is One of the powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies. It is available for all major desktop platforms including mobile devices and web via our online security.

Important Features of Websecurify:
                                             The major features of Websecurify are the following:
  • Nice, user-friendly interface which is simple and easy to use
  • Good testing and scanning technology
  • Strong testing engine to detect URLs automatically
  • Extensible with many available add-ons
  • Available for major desktop and mobile platforms
  • Free version also available on all major platforms
As I said, Websecurify is not a fully automatic tool; it will only generate the possible URLs and parameters where vulnerabilities can exist. You will need to verify all those possible URLs and test them manually to confirm the vulnerability. This may sometimes take a while, but the tool’s performance is good.

Which Vulnerabilities Can It Detect?
                                                These are the main vulnerabilities that Websecurify can detect:
  • Cross site scripting
  • Cross site request forgery
  • Path disclosure
  • Internal errors
  • SQL injection
  • URL redirection
  • HTTP response splitting
  • Local and remote file include
  • Session cookies problem
  • Information disclosure problems
  • And many other vulnerabilities
Almost all popular vulnerabilities can be detected with the help of this security tool. SQLI, XSS and CSRF are among the main vulnerabilities exploited by hackers.

A Complete Suite Of Web Security Tools :
                                        The Suite provides a complete and functional marketplace of highly integrated web application security tools. You will find that different areas are covered by various domain-specific solutions. The Suite consists of automated scanners, fuzzers, utilities and many other tools useful in numerous situations

Consistent And Easy To Use

                                           The look and feel is consistent across all applications, which makes them incredibly easy to work with. You no longer have to look for hidden options, remember commands or even change the way you go about doing your work. It all just makes sense.

Wide Coverage Of Security Vulnerabilities

                                         The Suite scanning technology is able to discover variety of issues from XSS, SQL Injection, Local File Includes to Default Logins, Session Problems and many others. OWASP TOP 10, WASC and variety of other lists are well supported. For the complete list of vulnerabilities we can discover just click here.

Pick The Tools You Need The Most

You don't have to pay for things you don't need. The Suite is customizable, which means that you can cherry-pick the tools, which provide most value to you and your team. The Suite Marketplace is proudly the first in the world app store for web application security tools and utilities.

Scalable Across Teams of Any Size

                                   All applications in the Suite run in standard browsers like as Google Chrome and Mozilla Firefox. They are available in online and offline modes. This characteristic makes the Suite extremely scalable. Software updates, installs and other nuisances are just problems of the past. This is perfect for large development, quality assurance and penetration testing teams.

Download and Installation :
                                            First of all, you need to download Websecurify from its Official Website. Although it is a commercial product, you can use the open source version of Websecurify to test your application for free. You can download the open source version from Google Code. This tool is available for all major desktop and mobile platforms, including:
  • Windows
  • Mac
  • Linux
  • iOS
  • Android
  • Web App
This nice penetration testing tool is also available for Google Chrome and Mozilla Firefox. One thing worth mentioning here is that WebSecurify is the first and only web application penetration testing tool that is also designed to run direct from the browser with support for both Google Chrome and Mozilla Firefox.
I personally recommend using the desktop app for better performance but using the web browser extension also works well.

Download Link :