VOOKI – Free Web Application Vulnerability Scanner

Vooki – Web Application Scanner can help you to find the following attacks

• SQL Injection
• Command Injection
• Header Injection
• Cross-site scripting – reflected,
• Cross-site scripting – stored
• Cross-site scripting – dom based
• Missing security headers
• Malicious JS script execution
• Using components with known vulnerabilities
• Jquery Vulnerabilities
• Angularjs Vulnerabilities
• Bootstrap Vulnerabilities
• Sensitive Information disclosure in response headers
• Sensitive Information disclosure in error messages
• Missing Server Side Validation
• Javascript Dynamic Code Execution
• Sensitive Data Exposure

How to use Vooki Web Application Scanner

• Start Application.
• Connect the browser proxy to Vooki port.
• Visit al the pages of your web application.
• Right click on node appearing on Vooki tool and click on the scan.
• After scan gets completed click on generate report from the menu bar.

Rest API Scanner

Vooki – Rest API Scanner can help you to find the following attacks

• SQL Injection
• Command Injection
• Header Injection
• Cross-site scripting ( possibilities  )
• Missing security headers
• Sensitive Information disclosure in response headers
• Sensitive Information disclosure in error messages
• Missing Server Side input Validation
• Unwanted use of HTTP methods
• Improper HTTP Response