[PTsecurity] MaxPatrol Network Security Scanner - Free unlimited version has been released.

From: Alexander Anisimov (anisimov@ptsecurity.com)
Date: Fri Jul 22 2005 - 09:11:46 EDT


MaxPatrol Network Security Scanner Free unlimited version 7.0.1401 has been released.

  Download URL:

     http://www.maxpatrol.com/tb_demo.asp

--- Maxpatrol Core Features:

[+] Web-server and Web Application structure analysis.

        Maxpatrol analyzes the structure of Web Applications to determine
        weaknesses and potential vulnerabilities in both the Web Server
        Configuration and the Web Application. Discovers available web server
        technologies. Inspects the HTTP version banners and looks for
        vulnerable products and other...

[+] Maxpatrol uses intelligent searching to detect vulnerabilities in
    non-standard web-server scripts.

[+] Intelligent recognition of vulnerabilities in known web-server scripts.

    Automatically detects web vulnerabilities:

        - SQL injection
        - Blind SQL injection
        - Cross Site Scripting
        - UTF-7 Cross Site Scripting
        - HTTP Response Splitting
        - Code execution
        - File inclusion
        - Directory traversal
        - Input validation
        - Authentication attacks
          (bruteforce login/password and etc)
        - Script source code disclosure
        - Discovers directories with weak permissions
          (finds directory listings and etc)
        - Looks for common files,
          back-up files, logs or directories

[+] Full Identification of Service Regardless of Port Configuration.

        Maxpatrol uses Intelligent Scanning to determine complex server
        configuration Permits vulnerability testing for servers with complex,
        non-standard configurations, where port numbers are assigned to
        services in arbitrary combinations, in other words Maxpatrol does not
        assume Port 21 is a FTP service or that and FTP service cannot be
        listening to other ports.

[+] Heuristic method for detecting types and names of services, independent
    of responses to standard queries.

[+] Hidden-directory search for FTP servers.

[+] Bruteforce "login/password" for many services.

[+] Detection of vulnerabilities arising from configuration errors including
    cases of unprotected authorization, revealing of information by services,
    etc.

[+] Full identification and testing of RPC services in Windows and *nix.

[+] Intelligent precision algorithms to minimize false detection.

[+] Inspects the service version banners and looks for vulnerable products.

For more details:

http://www.maxpatrol.com/po_kf.asp
http://www.maxpatrol.com



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:37 EDT