Darknet – The Darkside

Arachni is a high-performance (Open Source) Web Application Security Scanner Framework written in Ruby.

This version includes lots of goodies, including:

• A new light-weight RPC implementation (No more XMLRPC)
• High Performance Grid (HPG) — Combines the resources of multiple nodes for lightning-fast scans
• Updated WebUI to provide access to HPG features and context-sensitive help
• Accuracy improvements and bugfixes for the XSS, SQL Injection and Path Traversal modules
• New report formats (JSON, Marshal, YAML)
• Cygwin package for Windows

New plugins

• ReScan — It uses the AFR report of a previous scan to extract the sitemap in order to avoid a redundant crawl.
• BeepNotify — Beeps when the scan finishes.
• LibNotify — Uses the libnotify library to send notifications for each discovered issue and a summary at the end of the scan.
• EmailNotify — Sends a notification (and optionally a report) over SMTP at the end of the scan.
• Manual verification — Flags issues that require manual verification as untrusted in order to reduce the signal-to-noise ratio.
• Resolver — Resolves vulnerable hostnames to IP addresses.

IF you want a slightly more detailed description of what’s changed you can check here, or view the ChangeLog.

You can download Arachni v0.4 here:

Windows – arachni-v0.4.0.2-cygwin.exe
Linux – arachni-v0.4.0.2-cde.tar.gz

Or read more here.