sQuo
Posted July 16, 2012

The Web Application Vulnerability Scanner Evaluation Project

Project WAVSEP currently includes the following test cases:

Vulnerabilities:
- Path Traversal/LFI: 816 test cases, implemented in 816 jsp pages (GET & POST)
- Remote File Inclusion (XSS via RFI): 108 test cases, implemented in 108 jsp pages (GET & POST)
- Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
- Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST)
- Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST)
- Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)
- Passive Information Disclosure/Session Vulnerabilities (inspired/imported from ZAP-WAVE): 3 test cases of erroneous information leakage, and 2 cases of improper authentication / information disclosure - implemented in 5 jsp pages
- Experimental Test Cases (inspired/imported from ZAP-WAVE): 9 additional RXSS test cases (anticsrf tokens, secret input vectors, tag signatures, etc.), and 2 additional SQLi test cases (INSERT) - implemented in 11 jsp pages (GET & POST)

False Positives:
- 7 different categories of false positive Reflected XSS vulnerabilities (GET & POST)
- 10 different categories of false positive SQL Injection vulnerabilities (GET & POST)
- 8 different categories of false positive path traversal/LFI vulnerabilities (GET & POST)
- 6 different categories of false positive remote file inclusion vulnerabilities (GET & POST)

Additional Features:
- A simple web interface for accessing the vulnerable pages
- An auto-installer for the MySQL database schema (/wavsep-install/install.jsp)
- Sample detection & exploitation payloads for each and every test case
- Database connection pool support, ensuring the consistency of scanning results

Usage

Although some of the test cases are vulnerable to additional exposures, the purpose of each test case is to evaluate the detection accuracy of one type of exposure, and thus, “out of scope” exposures should be ignored when evaluating the accuracy of vulnerability scanners.