Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities.
Vooki includes Web Application Scanner, Rest API Scanner, and reporting section.
Vooki – Web Application Scanner can help you to find the following attacks
>Sql Injection
>Command Injection
>Header Injection
>Cross site scripting – reflected,
>Cross site scripting – stored
>Cross site scripting – dom based
>Missing security headers
>Malicious JS script execution
>Using components with known vulnerabilities
>Jquery Vulnerabilites
>Angularjs Vulnerabilites
>Bootstrap Vulnerabilities
vSensitive Information disclosure in response headers
>Sensitive Information disclosure in error messages
>Missing Server Side Validation
>Javascript Dyanamic Code Execution
>Sensitive Data Exposure
How to use Vooki Web Application Scanner
>Start Application.
>Connect the browser proxy to Vooki port.
>Visit al the pages of your web application.
>Right click on node appearing on Vooki tool and click on the scan.
>After scan gets completed click on generate report from the menu bar.
Rest API Scanner
Vooki – Rest API Scanner can help you to find the following attacks
>Sql Injection
>Command Injection
>Header Injection
>Cross site scripting ( possibilities )
>Missing security headers
>Sensitive Information disclosure in response headers
>Sensitive Information disclosure in error messages
>Missing Server Side input Validation
>Unwanted use of HTTP methods
>Improper HTTP Response
How to use Vooki Rest Scanner
>Start Application.
>Create new Project.
>Add the new request in created project.
>Provide proper headers, url and data.
>Save and run the scan from the menu bar.
>After scan gets completed click on generate report from the menu bar.
Vooki includes Web Application Scanner, Rest API Scanner, and reporting section.
Vooki – Web Application Scanner can help you to find the following attacks
>Sql Injection
>Command Injection
>Header Injection
>Cross site scripting – reflected,
>Cross site scripting – stored
>Cross site scripting – dom based
>Missing security headers
>Malicious JS script execution
>Using components with known vulnerabilities
>Jquery Vulnerabilites
>Angularjs Vulnerabilites
>Bootstrap Vulnerabilities
vSensitive Information disclosure in response headers
>Sensitive Information disclosure in error messages
>Missing Server Side Validation
>Javascript Dyanamic Code Execution
>Sensitive Data Exposure
How to use Vooki Web Application Scanner
>Start Application.
>Connect the browser proxy to Vooki port.
>Visit al the pages of your web application.
>Right click on node appearing on Vooki tool and click on the scan.
>After scan gets completed click on generate report from the menu bar.
Rest API Scanner
Vooki – Rest API Scanner can help you to find the following attacks
>Sql Injection
>Command Injection
>Header Injection
>Cross site scripting ( possibilities )
>Missing security headers
>Sensitive Information disclosure in response headers
>Sensitive Information disclosure in error messages
>Missing Server Side input Validation
>Unwanted use of HTTP methods
>Improper HTTP Response
How to use Vooki Rest Scanner
>Start Application.
>Create new Project.
>Add the new request in created project.
>Provide proper headers, url and data.
>Save and run the scan from the menu bar.
>After scan gets completed click on generate report from the menu bar.