WebStrike

DefenseCode WebStrike is a DAST (Dynamic Application Security Testing, BlackBox Testing) solution for comprehensive security audits of active web applications (websites). WebStrike will test a website’s security by carrying out a large number of attacks using the most advanced techniques, just as a real attacker would.

DefenseCode WebStrike can be used regardless of the web application development platform. It can be used even when application source code is no longer available. WebStrike supports major web technologies such as HTML, HTML5, Web 2.0, AJAX/jQuery, JavaScript and Flash. It is designed to execute more than 5000 Common Vulnerabilities and Exposures tests for various web server and web technology vulnerabilities. WebStrike is capable of discovering more than 60 different vulnerability types (SQL Injection, Cross Site Scripting, Path Traversal, etc.), including OWASP Top 10.

DefenseCode WebStrike is able to scan classic web applications (HTML, HTML5, Web2.0, AJAX, Javascript) along with API endpoints as Web Services, SOAP and JSON. WebStrike is capable of scanning web applications without any prior configuration but also post-authentication when the credentials are required.

WebStrike’s login sequence recorder and HTTP Proxy, allows an efficient method to scan websites and web applications that use CAPTCHA, OTP (One Time Password) or Two Factor Authentication (2FA).

WebStrike is fast, effective, highly accurate, easy to use and requires virtually no user input.