[ad]<\/p>\n
As the popularity of the web increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. For example, there has been extensive press coverage of recent security incidences involving the loss of sensitive credit card information belonging to millions of customers.<\/p>\n
Typical web application security vulnerabilities result from generic input validation problems. Examples of such vulnerabilities are SQL injection and Cross-Site Scripting (XSS). Although the majority of web vulnerabilities are easy to understand and to avoid, many web developers are, unfortunately, not security-aware. As a result, there exist many web sites on the web that are vulnerable.<\/p>\n
SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.<\/p>\n
Software Requirements<\/strong><\/p>\n Known Issues<\/strong><\/p>\n You can also find out more from the SecuBat paper published here:<\/p>\n secubat.pdf<\/a> [PDF]<\/p>\n You can download SecuBat v0.5 here:<\/p>\n\n
\n
\nan attacking run afterwards if you not choose to do a combined run.<\/li>\n