DefenseCode is pleased to announce that we are giving away a Community
Edition of our DefenseCode Web Security Scanner v2.0 absolutely free of
charge for personal and non-commercial use
(https://www.defensecode.com/webscanner.php).
DefenseCode Web Security Scanner is a DAST (Dynamic Application Security
Testing) product for testing security of live web sites and web
applications. All security scanning and vulnerability detection features
available in the full (Pro) version of DefenseCode Web Security Scanner
are also available in the Community Edition. There are no limitations in
vulnerability detection.
You will be able to scan for SQL Injection, Blind SQL Injection, Cross
Site Scripting, Command Execution, Path Traversal, Code Injection, HTTP
Response Splitting and 50 other vulnerability types including OWASP TOP
10 and thousands of CVE described vulnerabilities. Moreover, DefenseCode
Web Security Scanner will even detect if there is a some sort of WAF
(Web Application Firewall) in front of the web site that you are scanning.
DefenseCode Web Security Scanner can be used regardless of the web
application development platform. Web Security Scanner supports major
web technologies such as HTML, HTML5, Web 2.0, AJAX/jQuery, JavaScript
and Flash. DefenseCode Web Security Scanner supports security testing of
HTTP GET requests, HTTP POST requests, HTTP Cookies, HTTP Headers, JSON
and XML formatted HTTP requests.
Although DefenseCode Web Security Scanner can be easily used as
click-and-run tool, it is also easily configured for advanced security
testing. You can configure a number of collected links, depth of scan,
number of threads, custom 404 pages, scanning exclusions, vulnerability
types that you want to scan for and many more.
Beside straightforward security scans, there is also a possibility to
set post-authentication web security scanning. DefenseCode Web Security
Scanner supports web based authentication with Basic, Digest and NTLM
authentication, Client SSL Cert authentication, custom cookie
authentication and complete authentication process recorder for HTML
form based authentication. Within DefenseCode Web Security Scanner there
is also an HTTP Proxy incorporated for recording much more complicated
login procedures.
Along with the web security scanning capabilities there are also
additional security tools like HTTP Request Composer, Authentication
Tester, URL Fuzzer and Authentication Recorder.
Best of all, we are providing the Community Edition of the product
absolutely free of charge as long as it is for non-commercial and
personal use.
You can download the DefenseCode Web Security Scanner Community Edition
here: https://www.defensecode.com/webscanner.php (at the bottom of the
page).
Regards,
DefenseCode Team
www.defensecode.com