logo icon

WebStrike DAST

DYNAMIC APPLICATION SECURITY TESTING SOLUTION

Websites are constantly exposed to malicious attacks.

WebStrike will put a website’s security to the test by performing a large number of real-time attacks using the most advanced techniques.

  • Simple to use interface
  • Effective & highly accurate results
  • Requires virtually no user input 
PURCHASE LICENCE
GET FREE DEMO

Why is WebStrike your best security solution?

  • Automated vulnerability testing
  • Modern and simple user interface
  • Comprehensive web crawler
  • Fast scanning engine
  • JavaScript and Flash support
  • API security scanning
  • Post-Authentication scanning
  • Security audit tools
  • 60 different vulnerability types
webstike
WebStrike DAST

Simulation of realistic
website attacks

WebStrike will put a website’s security to the test by performing a large number of real-time attacks using the most advanced techniques.

  • Automated vulnerability testing
  • Fast scanning engine
WebStrike DAST

Simulation of realistic website attacks

WebStrike is designed to simulate a real-world attack by running over 5,000 vulnerability and exposure tests for various web server and web technology vulnerabilities.

  • Simple to use interface
  • Effective & highly accurate results
  • Requires virtually no user input
GET FREE DEMO

Take action and discover your vulnerabilities

WebStrike scans for more than 60 different classes of security vulnerabilities

Including OWASP Top 10 and over 5,000 CVE vulnerabilities.

HIGH

  • SQL Injection
  • Blind SQL Injection
  • Timing Based SQL Injection
  • File Disclosure
  • Page Inclusion
  • Command Execution
  • Timing Based Command Execution
  • PHP Code Injection
  • ASP Code Injection
  • PHP File Inclusion
  • Source Code Disclosure
  • LDAP Injection
  • XPath Injection
  • PUT File Upload
  • Server Side Includes
  • Stored Cross Site Scripting
  • Stored Cross Site Scripting Other Page
  • High Risk Server Side Vulnerabilities
  • External Entity Injection (XXE)
  • SSLv2.0 Supported
  • SSLv3.0 Supported

MEDIUM

  • Cross-Site Scripting
  • HTTP Response Splitting
  • Backup File
  • Directory Listing Allowed
  • Form File Upload
  • PHP Error Message
  • Phpinfo Information Disclosure
  • ASP Error Message
  • Cross Site Request Forgery
  • Open Redirection
  • ViewState Not Encrypted
  • Insecure CrossDomain Policy File
  • Medium Risk Server Side Vulnerabilities
  • DOM Cross Site Scripting
  • Java Error Message
  • Weak TLS Cipher Suites Supported
  • TLS 1.2 Is Not Supported
  • Certificate Name Mismatch
  • SSL Expired Certificate
  • Certificate Signed Using Weak Algorithm

LOW

  • Buffer Overflow
  • Common File Name
  • Information Leak
  • Form Input Autocomplete Enabled
  • IP Address Leak
  • E-Mail Address
  • Path Disclosure
  • User Credentials Are Transmitted In
    Clear Text
  • Session Cookie not set to HTTPOnly
  • Software Version Disclosure
  • HTTP Server Disclosure
  • HTTP File Upload Form Detected
  • TRACE HTTP Method Allowed
  • CC Info Leak
  • SSN Info Leak
  • Robots File
  • X-XSS-Protection Header Set To OFF
  • X-Frame-Options Header Not Set
  • OPTIONS HTTP method allowed
  • PUT HTTP method allowed
  • Low Risk Server Side Vulnerabilities
  • Web Application Firewall Detected
  • Open_Basedir Restrictions
  • Sitemap.xml Discovered

SHOW MORE

  • XML External Entity (XXE) Injection
  • Path/Directory Traversal
  • Deserialization of Untrusted Data
  • Server Pages Execution
  • Server Side Request Forgery
  • PHP File Inclusion
  • Buffer Overflow
  • Integer Overflow
  • Arbitrary Library Injection
  • Use After Free
  • Double Free
  • Time of Check Time of Use
  • Uncontrolled Format String
  • Out of Buffer Bounds Read
  • Out of Buffer Bounds Write
  • Insecure Data Storage
  • Insufficient Transport Layer Protection
  • Shared Preferences Usage
  • Man-in-the-Middle Attack
  • Unvalidated/Open Redirect
  • Regex Denial of Service (ReDoS)
  • Sleep Denial Of Service
  • System Properties Change
  • Session Fixation
  • Session Poisoning
  • Integer Underflow
  • Uncontrolled Memory Allocation
  • Intents Usage
  • Arbitrary Code Injection
  • Application Configuration
  • Trust Boundary Violation
  • Location Information
  • Log Messages Information Leak
  • Console Output
  • Weak Encryption Strength
  • Weak Hash Strength
  • Weak Pseudo-Random
  • Arbitrary Server Connection
  • Mail Relay
  • File Upload
  • Cookie Injection
  • Cookie Without 'HttpOnly' Flag
  • Dangerous File Extensions
  • Dangerous HTML Embedded
  • Hidden HTML Input
  • FTP Command Injection
  • Mass Assignment
  • Memcache Injection Vulnerability
  • Sensitive Database Data Modification
  • Symlink Vulnerability
  • System Properties Disclosure
  • Trust Boundary Violation
  • Divide By Zero
  • Use of Inherently Dangerous Function
  • Use of Insecure Functions
  • Miscellaneous Dangerous Functions
  • WebView Implementation
  • External URL Access
  • External Data In SQL Queries

Ready to test your applications?

Scalable and flexible licensing

Dedicated 24h support

Cross-platform solutions

Guided on-premise setup

GET FREE DEMO
Close Bitnami banner
Bitnami