# Introduction
Arachni is an excellent platform for scanning for and discovering web vulnerabilities. It is written in Ruby and stands out for its high performance. It is also easy to use and smart enough to train itself by learning from the behavior of application responses and the results of scans. It runs from the command line and through a browser-based graphical interface, and it can be run on different platforms.
# Features and capabilities of the program
General features
- Cookie-jar support
- SSL support.
- User Agent spoofing.
- Proxy support for SOCKS4, SOCKS4A, SOCKS5, HTTP/1.1 and HTTP/1.0.
- Proxy authentication.
- Site authentication (Automated form-based, Cookie-Jar, Basic-Digest, NTLM and others)
- Highlighted command line output.
- UI abstraction:
  - Command line UI
  - Web UI (Utilizing the Client – Dispatch-server XMLRPC architecture)
  - XMLRPC Client/Dispatch server
    - Centralised deployment
    - Multiple clients
    - Parallel scans
    - SSL encryption
    - SSL cert based client authentication
    - Remote monitoring
- Pause/resume functionality.
- High performance asynchronous HTTP requests.
Spiders and site content discovery
- Filters for redundant pages like galleries, catalogs, etc based on regular expressions and counters.
- URL exclusion filter based on regular expressions.
- URL inclusion filter based on regular expressions.
- Can optionally follow subdomains.
- Adjustable depth limit.
- Adjustable link count limit.
- Adjustable redirect limit.
- Modular path extraction via “Path Extractor” components.
HTML page analysis
- Forms
- Links
- Cookies
Reports
- Modular design.
- Currently available reports:
  - Standard output
  - HTML (Cheers to Christos Chiotis for designing the new HTML report template.)
  - XML
  - TXT
  - YAML serialization
  - Metareport (providing Metasploit integration to allow for automated and assisted exploitation)
Plugins
- Modular design
- Plug-ins are framework demi-gods, they have direct access to the framework instance.
- Can be used to add any functionality to Arachni.
- Currently available plugins:
  - Passive Proxy — Analyzes requests and responses between the web app and the browser assisting in AJAX audits, logging-in and/or restricting the scope of the audit
  - Form based AutoLogin
  - Dictionary attacker for HTTP Auth
  - Dictionary attacker for form based authentication
  - Profiler — Performs taint analysis (with benign inputs) and response time analysis
  - Cookie collector — Keeps track of cookies while establishing a timeline of changes
  - Healthmap — Generates sitemap showing the health of each crawled/audited URL
  - Content-types — Logs content-types of server responses aiding in the identification of interesting (possibly leaked) files
  - WAF (Web Application Firewall) Detector — Establishes a baseline of normal behavior and uses rDiff analysis to determine if malicious inputs cause any behavioral changes
  - MetaModules — Loads and runs high-level meta-analysis modules pre/mid/post-scan
  - AutoThrottle — Dynamically adjusts HTTP throughput during the scan for maximum bandwidth utilization
  - TimeoutNotice — Provides a notice for issues uncovered by timing attacks when the affected audited pages returned unusually high response times to begin with. It also points out the danger of DoS attacks against pages that perform heavy-duty processing.
  - Uniformity — Reports inputs that are uniformly vulnerable across a number of pages hinting to the lack of a central point of input sanitization