What is Vooki ?

Vooki is a dynamic web application vulnerability scanner tool that is used by the majority of the world's top companies. We have made this product in such a manner that it is easy to use for any user, from a newbie to a pro. Vooki uses the OWASP Top 10 standard and shows accurate vulnerabilities. It is a desktop application that can be installed on both Mac and Windows, as well as a user-friendly tool that can quickly scan any web application and identify many underlying security vulnerabilities. Vooki includes a web application scanner, a REST API scanner, and a reporting section. Vooki covers a whopping 10,000+ security checks.

Vooki has two vulnerability scanners, which are:

1. Web Application Vulnerability Scanner
   
2. REST API Vulnerability Scanner
   

Vooki features of web application scanner

1. Multiple scan types
   
2. crawler
   
3. 10000+ vulnerabilities detection
   
4. Concurrent scan
   
5. Scheduled scan
   
6. Penetration testing facility
   
7. Vulnerability dashboard
   
8. Jira integration
   
9. Authenticated testing
   
10. Information gathering
    
11. Cryptography
    
12. Vulnerability report generation
    
13. Compliance report
    
14. Run pipeline scan from command line
    
15. Browser support
    

Vooki features of REST API scanner

1. Separate user interface for API
   
2. Add project/API end-points and test it
   
3. 10000+ vulnerabilities detection
4. Environment variable
   
5. Import/Export project
   
6. Import/Export environment variable
   
7. Vulnerabilty dashboard
   
8. Postman integration
   
9. Vulnerability report generation
   
10. Compliance report
    
11. Run pipeline scan from command line

Vooki has two versions: free and pro. You can check the pricing of the pro version here: https://vegabird.com/vooki/#pricing

List of Vulnerabilities Covered

1. SQL Injection
   
2. Command Injection
   
3. Header Injection
   
4. Cross-site scripting – reflected
   
5. Cross-site scripting – stored
   
6. Cross-site scripting – DOM based
   
7. Missing security headers
   
8. Malicious JS script execution
   
9. Using components with known vulnerabilities
   
10. JQuery Vulnerabilities
    
11. Angularjs Vulnerabilities
    
12. Bootstrap Vulnerabilities
    
13. Sensitive Information disclosure in response headers
    
14. Sensitive Information disclosure in error messages
    
15. Missing Server Side Validation
    
16. JavaScript Dynamic Code Execution
    
17. Sensitive Data Exposure and more

• Related Articles

• Vooki Vulnerability Report Generation

  Vulnerability generating report is very important for any developers for better development of their site security. Generating a clear vulnerability report helps us to find the statistics, loopholes stuffs of the vulnerabilities in an organization ...

• Vooki REST export/import

  Export Project There are two ways to export the project. Follow these steps: Right-click the project and select "Export Project". This will export only selected projects. Click on "Export All Projects" to export all projects. Save it at the desired ...

• Why Vooki is best Vulnerability scanner?

  Vooki is a free web application vulnerability scanner which gives us a perfect scan report about the scanned networks, applications. It is a user-friendly tool that you can easily scan any web application and find security vulnerabilities. Vooki ...

• How to use Vooki - Web Application Scanner ?

  Vooki's web application security scanner is an automated tool to effectively scan and detect many underlying vulnerabilities in web applications in a few minutes. These vulnerabilities include not just the easier ones but the ones that require ...

• How to use Vooki - REST API Scanner ?

  Vooki's REST API scanner is a tool to scan and detect vulnerabilities in the REST API at ease. We have multiple facilities and features in the Vooki REST API scanner. We will discuss all of this in detail. Add Project Add Request Scanning Report ...