Types Of Scans

WebReaver comes with three types of scanning engines:

Generic Scanning Engine

The Generic scanning engine represents our general-purpose web application vulnerability scanner. This engine is capable of detecting a wide range of common vulnerabilities such as SQL Injeciton, Local File Includes, Expression Injection, Cross-site Scripting and many others. Check out our vulnerability catalog for an illustration of the type of bugs that can be detected.

The Generic scanning engine is the most common choice when starting a new scan and it works well for many types of web applications. The Generic scanner typically takes longer to execute. This is due to its comprihansive nature.

WordPress Scanning Engine

If you are testing a WordPress site/blog/application than the generic testing engine may not produce very interesting results and it will take significantly longer to complete. In this case you should select the WordPress engine before starting the scanner.

The WordPress testing engine employs many of the features from the Generic engine although optimized specifically for WordPress. Additionally, this engine will enumerate and discover vulnerabilities in WordPress themes and plugins.

Shellshock Scanning Engine

Shellshock is a critical vulnerability identified in the popular shell interpreter Bash (Bourne Again Shell). The vulnerability is widely spread and can be used to perform remote code execution on the targeted system.

The Shellshock scanning engine helps you quickly identify the presence of the Shellshock vulnerability. The engine will spider the entire application and look under every single input field for the presence of Shellshock. This is an extensive test with specific coverage for Shellshock.