¢Ã Introduce
WSTOOL is OS-independence Web vulnerable scanner.
- SQL injection For SQL Server
- XSS Cross Site Scripting
- 404/500 server error
- Admin/Manage folder search
- web-base or command-line scanner by PHP
- Check up collate with HTML FORM and URL-Link
¢Ã Last Update
2007.02.01 |
Version 0.14
-On report-page, Act vulns at client-side-PC.
|
2005.11.10 |
Version 0.13
-Admin folder scan(/admin, /manager)
-XSS scan
-FORM ACTION check with (JAVA)SCRIPT
|
|
¢Ã Usage
¡Ø OS-independence
* Command-line
> PHP ws_main.php [HOST | IP] [PORT] [GET|POST] [URL] [ | [COOKIE]] > report.html
ex>
- php ws_main.php 127.0.0.1 80 GET /index.htm > report.html
- php ws_main.php www.test.com 80 GET /default.htm > report.html
- php ws_main.php www.test.com 80 GET /default.htm "ID=myid;PW=test" > report.html
* Web browser (IE & FireFox)
http://InstallDomain.com/wstool/ws_main.php
|
|
|