Web scanning technology--awvs Scanner Scan Web Vulnerability

Source: Internet
Author: User
Tags sql injection attack

"Experimental Purpose"

1. Understanding the Awvs--web Vulnerability Scanning Tool

2. Learn how to use Awvs


"Experimental principle"

Awvs (Acunetix Web Vulnerability Scanner) Introduction

WVS (Web Vulnerability Scanner) is an automated Web Application security Testing tool that scans Web sites and Web applications that can be accessed through a Web browser and that follow HTTP/HTTPS rules. For any small and medium-sized and large enterprise intranet, extranet, and Web sites for customers, employees, vendors, and other people. WVS can audit the security of a Web application by examining the SQL injection attack vulnerability, cross-site Scripting Attack vulnerability, and so on. It can scan any Web site and Web application that is accessible through a Web browser and follows Http/https rules.

Awvs Function Introduction

Webscanner, core features, web security vulnerability scanning

Site Crawler, crawler function, traverse the directory structure

Target Finder, port scan, find Web server, 80,443

Subdomain Scanner, sub-domain scanner, using DNS queries

Blind SQL Injector, blind Note tool

HTTP editor,http Protocol Packet Editor

HTTP sniffer,http Protocol Sniffer

HTTP Fuzzer, Fuzzy test tool

Authentication tester,web certification Hack tool



"Experimental Steps"

I. Basic usage of AWVS

1.1New Scan, open the Site Scan Wizard

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/77/C1/wKioL1Ztr5PCOwz7AAHc1uJWgBw990.png "style=" float: none; "title=" 11111.png "alt=" Wkiol1ztr5pcowz7aahc1ujwgbw990.png "/>


1.2 Enter Site


1.3 Click "Next", the software automatically identify the target site information, can also be manually modified


650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/77/C2/wKiom1Ztr4-yT52QAACrpg-nkBQ963.png "style=" float: none; "title=" 22222.png "alt=" Wkiom1ztr4-yt52qaacrpg-nkbq963.png "/>


1.4 Click "Next", go to "crawling Options", by default you can


650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/77/C1/wKioL1Ztr5WjXnqyAAD2e-7vlro532.png "style=" float: none; "title=" 33333.png "alt=" Wkiol1ztr5wjxnqyaad2e-7vlro532.png "/>


1.5 Click "Next", select the scan template, the general choice "Default" can


650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/77/C2/wKiom1Ztr5KRN9WoAAD7HSD-VnY558.png "style=" float: none; "title=" 55555.png "alt=" Wkiom1ztr5krn9woaad7hsd-vny558.png "/>



1.6 Click "Next" and add the login information here if the site needs to be logged in



650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/77/C1/wKioL1Ztr5ihn6meAACj2XeFd6E961.png "style=" float: none; "title=" 77777.png "alt=" Wkiol1ztr5ihn6meaacj2xefd6e961.png "/>


1.7 Click "Next", again to confirm the information, error-hit "Finish" to start scanning





650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/77/C1/wKioL1Ztr5mzKT4HAACvYTnIMxQ512.png "style=" float: none; "title=" 88888.png "alt=" Wkiol1ztr5mzkt4haacvytnimxq512.png "/>


1.8 Scan results over a period of time


650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/77/C1/wKioL1Ztr5_hDMWkAAI9e_YEOc0118.png "style=" float: none; "title=" 99999.png "alt=" Wkiol1ztr5_hdmwkaai9e_yeoc0118.png "/>


Second, Awvs advanced function demonstration

2.1 Site Crawler, crawler functions, traverse the Site directory structure, click "Tools" in the "Site Crawler" option, click "Start", you can crawl



650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/77/C2/wKiom1Ztr52CLfGGAAGhLvkIero207.png "style=" float: none; "title=" 1111111.png "alt=" Wkiom1ztr52clfggaaghlvkiero207.png "/>


2.2 Target Finder, port scan, find Web server, 80,83,8003,8080


650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/77/C1/wKioL1Ztr6TS54TqAADJUXAvYWE877.png "style=" float: none; "title=" 2222222.png "alt=" Wkiol1ztr6ts54tqaadjuxavywe877.png "/>








This article from "Hong Seven Public" blog, reproduced please contact the author!

Web scanning technology--awvs Scanner Scan Web Vulnerability

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.