I came across a new scanner named Beagle. This scanner really crawls fast compared to the other scanners I have experienced. It’s faster in detecting vulnerabilities. Takes less CPU power.
An example of reporting vulnerabilities, you can choose different formats. For example, this is in PDF. Check here for sample reports generated by Beagle.
Features
Exploitation on the Go
An example of exploiting remote code execution.
An example of exploiting SQLi.
Multi Scan Session
Unlike the other web application security scanners, Beagle can manage more than one scan session at the same time in one instance of the application.
You can switch between sessions with one click.
Sitemap and Easy Tracking of Attack Progress
Column Average Response Time gives you a clue about there might be a problem with page loading time under heavy load. Similars tab shows either pages which has the same parameter name but with different values or URL rewritten links.
Easy Configuration of Injection Points
1. Attack only QueryString parameters for SQL Injection checks.
2. Attack only QueryString and Post parameters for HTML Injection checks.
3. Attack only QueryString parameter named “path” for Local File Inclusion checks.
4. Attack only QueryString parameter named “url” for Open Redirection checks.
5. Attack only Post parameter named “cmd” for Command Injection checks.
Context-Aware Analysis
Generally used by HTML Injection Engine to report cross-site scripting (XSS) vulnerabilities.
Response Time Graph
You can see how page responds the requests over time during attacking.
Smart URL Rewrite Detection
This has a feature of detecting the regex pattern used in URL rewrites.
* Words in red color denote attack points
Scripting
Script development environment allows you to generate custom payloads easily by using data sources during manual assessments.
You can work with as much different data sources as possible and combine them.
The scanner is in its first stages, there are many features that will be added in the future. You can purchase this product with from the website https://beaglesec.com/