JSky为何物?
JSky是一款基于GUI界面的、运行在Windows平台下的、完全免费的自动化Web应用漏洞扫描软件。 ; )

JSky能够做什么?
JSky支持非常多的Web漏洞扫描,基本上所有商用化的漏洞扫描软件支持的JSky都支持,最常见的包括如下一些漏洞:

SQL注入(SQL Injection )
跨站脚本(XSS )
不安全的对象引用(Unsecure object using )
本地路径泄露(Local path disclosure )
不安全的目录权限(Unsecure directory permissions )
服务器漏洞如缓冲区溢出和配置错误(Server vulnerabilities like buffer overflow and configure error)
敏感目录和文件扫描(Possible sensitive directories and files scan )
备份文件扫描(Backup files scan )
源代码泄露(Source code disclosure )
命令执行(Command Execute )
文件包含(File Include )
Web木马后门(Web backdoor )
敏感信息(Sensitive information )
等等……

事实上,JSky不仅仅只是一款漏洞扫描软件,他更是一款功能超强的渗透测试利用工具。; )

为什么我应该使用JSky?
Look at these features and benefits, I think you will love it right away:

Powerful web spider that multi-threaded scanner crawls hundreds of thousands of pages with ease, also supports extract links from JavaScript and flash.
Advanced and in-depth SQL injection, you maybe had heard about Pangolin. Yes, I use its engine so it can detect these vulnerabilities exactly. Do not like others which using method of Pattern Matching. Databases include oracle, MSSQL, Mysql, Informix, DB2, Access, Sqlite, Sybase, PostgreSQL and some others.
Modularization design of vulnerability scanner, so everybody can code and share their module.
XML-based vulnerability file, and integrated a Web vulnerability executive parser which means you can design a vulnerability just by editing the XML file, no need to code any program.
It’s totally FREE.
谁应该使用JSky?
如下一些人员可能对JSky会比较感兴趣:

渗透测试人员
网站管理员
安全技术爱好者
甚至是……黑客?



分享到: 更多

这篇日志的 QR 二维码为:

四月 17th, 2009

Posted In: 未分类

发表评论

电子邮件地址不会被公开。 必填项已用*标注

无觅相关文章插件,快速提升流量