Vooki features of web application scanner
- Multiple scan types
- crawler
- 10000+ vulnerabilities detection
- Concurrent scan
- Scheduled scan
- Penetration testing facility
- Vulnerability dashboard
- Jira integration
- Authenticated testing
- Information gathering
- Cryptography
- Vulnerability report generation
- Compliance report
- Run pipeline scan from command line
- Browser support
Vooki features of REST API scanner
- Separate user interface for API
- Add project/API end-points and test it
- 10000+ vulnerabilities detection
- Environment variable
- Import/Export project
- Import/Export environment variable
- Vulnerabilty dashboard
- Postman integration
- Vulnerability report generation
- Compliance report
- Run pipeline scan from command line
List of Vulnerabilities Covered
- SQL Injection
- Command Injection
- Header Injection
- Cross-site scripting – reflected
- Cross-site scripting – stored
- Cross-site scripting – DOM based
- Missing security headers
- Malicious JS script execution
- Using components with known vulnerabilities
- JQuery Vulnerabilities
- Angularjs Vulnerabilities
- Bootstrap Vulnerabilities
- Sensitive Information disclosure in response headers
- Sensitive Information disclosure in error messages
- Missing Server Side Validation
- JavaScript Dynamic Code Execution
- Sensitive Data Exposure and more