"Experimental Purpose"
1. Understanding the Awvs--web Vulnerability Scanning Tool
2. Learn how to use Awvs
"Experimental principle"
Awvs (Acunetix Web Vulnerability Scanner) Introduction
WVS (Web Vulnerability Scanner) is an automated Web Application security Testing tool that scans Web sites and Web applications that can be accessed through a Web browser and that follow HTTP/HTTPS rules. For any small and medium-sized and large enterprise intranet, extranet, and Web sites for customers, employees, vendors, and other people. WVS can audit the security of a Web application by examining the SQL injection attack vulnerability, cross-site Scripting Attack vulnerability, and so on. It can scan any Web site and Web application that is accessible through a Web browser and follows Http/https rules.
Awvs Function Introduction
Webscanner, core features, web security vulnerability scanning
Site Crawler, crawler function, traverse the directory structure
Target Finder, port scan, find Web server, 80,443
Subdomain Scanner, sub-domain scanner, using DNS queries
Blind SQL Injector, blind Note tool
HTTP editor,http Protocol Packet Editor
HTTP sniffer,http Protocol Sniffer
HTTP Fuzzer, Fuzzy test tool
Authentication tester,web certification Hack tool
"Experimental Steps"
I. Basic usage of AWVS
1.1New Scan, open the Site Scan Wizard
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/77/C1/wKioL1Ztr5PCOwz7AAHc1uJWgBw990.png "style=" float: none; "title=" 11111.png "alt=" Wkiol1ztr5pcowz7aahc1ujwgbw990.png "/>
1.2 Enter Site
1.3 Click "Next", the software automatically identify the target site information, can also be manually modified
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/77/C2/wKiom1Ztr4-yT52QAACrpg-nkBQ963.png "style=" float: none; "title=" 22222.png "alt=" Wkiom1ztr4-yt52qaacrpg-nkbq963.png "/>
1.4 Click "Next", go to "crawling Options", by default you can
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/77/C1/wKioL1Ztr5WjXnqyAAD2e-7vlro532.png "style=" float: none; "title=" 33333.png "alt=" Wkiol1ztr5wjxnqyaad2e-7vlro532.png "/>
1.5 Click "Next", select the scan template, the general choice "Default" can
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/77/C2/wKiom1Ztr5KRN9WoAAD7HSD-VnY558.png "style=" float: none; "title=" 55555.png "alt=" Wkiom1ztr5krn9woaad7hsd-vny558.png "/>
1.6 Click "Next" and add the login information here if the site needs to be logged in
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/77/C1/wKioL1Ztr5ihn6meAACj2XeFd6E961.png "style=" float: none; "title=" 77777.png "alt=" Wkiol1ztr5ihn6meaacj2xefd6e961.png "/>
1.7 Click "Next", again to confirm the information, error-hit "Finish" to start scanning
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/77/C1/wKioL1Ztr5mzKT4HAACvYTnIMxQ512.png "style=" float: none; "title=" 88888.png "alt=" Wkiol1ztr5mzkt4haacvytnimxq512.png "/>
1.8 Scan results over a period of time
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/77/C1/wKioL1Ztr5_hDMWkAAI9e_YEOc0118.png "style=" float: none; "title=" 99999.png "alt=" Wkiol1ztr5_hdmwkaai9e_yeoc0118.png "/>
Second, Awvs advanced function demonstration
2.1 Site Crawler, crawler functions, traverse the Site directory structure, click "Tools" in the "Site Crawler" option, click "Start", you can crawl
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/77/C2/wKiom1Ztr52CLfGGAAGhLvkIero207.png "style=" float: none; "title=" 1111111.png "alt=" Wkiom1ztr52clfggaaghlvkiero207.png "/>
2.2 Target Finder, port scan, find Web server, 80,83,8003,8080
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/77/C1/wKioL1Ztr6TS54TqAADJUXAvYWE877.png "style=" float: none; "title=" 2222222.png "alt=" Wkiol1ztr6ts54tqaadjuxavywe877.png "/>
This article from "Hong Seven Public" blog, reproduced please contact the author!
Web scanning technology--awvs Scanner Scan Web Vulnerability