Nytro Posted December 27, 2011 Report Posted December 27, 2011 Sandcat Pro v4.2.8 adds NoSQL Injection detectionBy MaxiSoler on 27 December 2011 in Tools with No Comments Sandcat combines Syhunt’s state-of-the-art, multi-process scanning technologies with the incredibly fast Lua language to perform remote web application security scans. While spidering a web site and hunting vulnerabilities, Sandcat emulates a modern, HTML 5-aware web browser, making sure every web application gets fully tested. Changelog v4.2.8This version adds techniques for detecting vulnerabilities in web applications using NoSQL database engines and web systems supporting server-side JavaScript execution. This includes NoSQL injection, blind NoSQL injection & Denial-of-Service vulnerabilities. Also the enhanced versions of the Sandcat Code scanner with source code checks for these specific vulnerability classes, and publishing an article (Time-Based NoSQL Injection, available here) that highlights additional risks involving server-side JavaScript execution not restricted to NoSQL database engines. Download:http://www.syhunt.com/?n=Sandcat.DownloadSursa: Sandcat Pro v4.2.8 adds NoSQL Injection detection Quote
