Vulnerability scanning tools: Difference between revisions
Jump to navigation
Jump to search
m
→建議/可用
(→建議/可用) |
m (→建議/可用) Tags: Mobile edit Mobile web edit |
||
| Line 4: | Line 4: | ||
== 建議/可用 == | == 建議/可用 == | ||
{{Gd}} [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy Project] (ZAP) v. 2.7.0 掃描報告內容包含 Cross-site scripting (XSS), SQL Injection 等部分 OWASP 項目。報告內容有標示漏洞[https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsAlerts 嚴重程度]。 | |||
* 公司/維護者: [https://www.owasp.org/index.php/Main_Page OWASP] | |||
* 作業系統: {{Win}}, {{Linux}} & {{Mac}} | |||
* 授權: [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project Apache 2 License] | |||
* 試用版限制: | |||
* 檔案掃毒: VirusTotal 掃描結果 [https://www.virustotal.com/zh-tw/file/e3243792525306731ae9eba0cc4697d289e54a58ac529da0c021f2c1ca109246/analysis/ Win 版] ok | |||
* 掃描對象: | |||
* 掃描報告內容: 內容包含 X-Frame-Options header not set, Cross-Domain javascript source file inclusion, Cross-site scripting (XSS), SQL Injection, X-content-type-options header missing | |||
* 填寫個資申請: 不用 | |||
{{Gd}} [https://addons.mozilla.org/en-US/firefox/addon/xss-me/ XSS Me :: Add-ons for Firefox] 檢測正在瀏覽的網頁表單的 Cross-site scripting (XSS)、[https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/?src=userprofile SQL Inject Me :: Add-ons for Firefox] 檢測正在瀏覽的網頁表單的 SQL Injection | {{Gd}} [https://addons.mozilla.org/en-US/firefox/addon/xss-me/ XSS Me :: Add-ons for Firefox] 檢測正在瀏覽的網頁表單的 Cross-site scripting (XSS)、[https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/?src=userprofile SQL Inject Me :: Add-ons for Firefox] 檢測正在瀏覽的網頁表單的 SQL Injection | ||
* 公司/維護者: [https://addons.mozilla.org/en-US/firefox/user/security-compass/ Security Compass] | * 公司/維護者: [https://addons.mozilla.org/en-US/firefox/user/security-compass/ Security Compass] | ||
| Line 22: | Line 32: | ||
* 掃描對象: | * 掃描對象: | ||
* 掃描報告內容: | * 掃描報告內容: | ||
* 填寫個資申請: 不用 | * 填寫個資申請: 不用 | ||