N-Stalker Web Application Security Scanner is a top-tier security assessment tool developed by N-Stalker.
By combining the well-known N-Stealth HTTP Security Scanner and its database of 35,000 web attack signatures with patent-pending web application security assessment technology components, N-Stalker can thoroughly eliminate a large number of common security risks from your web application, including Cross-site Scripting, SQL injection, Buffer Overflow, Parameter Tampering, and many more attacks.
N-Stalker Web Application Security Scanner X can be licensed according to the number of websites to be scanned:

| License | Description |
|---|---|
| | This license allows scanning up to three (3) nominated web sites an unlimited number of times. The web sites can be registered gradually; however, they can neither be changed afterwards nor used to scan sites belonging to customers or third parties. |
| Corporate Unlimited License | This license allows scanning unlimited websites inside the customer's organization (Private IP Blocks, RFC1918, and the customer's own Internet IP Blocks) and cannot be used to scan sites of customers or third parties. |
| Consultant Unlimited License | This license allows scanning unlimited websites (all IP address space, with no restrictions). This is the recommended model for Security Consultants, Web Development Agencies and ISPs. The Consultant's version also allows users to personalize their reports by adding their own logo. |

Note: With the exception of the Consultant Unlimited License, all available licenses are limited to internal use inside the customer's organization and cannot be used for consulting purposes or third-party web application scanning.
Parallel Spider Engine
N-Stalker debuts a new spider engine that fetches web resources simultaneously. This new feature provides a more effective way to traverse your application and discover its web interfaces. To inspect multiple requests, press "Track Spider" and follow N-Stalker's HTTP activity on demand.
Improved Attack Engine
N-Stalker X attack modules are based on a customized engine running the Lua language. It provides flexible integration and allows fast introduction of new attack patterns. From the OWASP Top 10 to the CWE Top 25, N-Stalker X provides a way to integrate your own signatures into its inspection engine.
Enhanced Web Engine
Integrated Web Proxy for “drive-thru” attacks
N-Stalker's spider engine includes an integrated web proxy that allows drive-thru navigation and security testing within restricted, well-defined scopes. Open your favorite browser, run your test cases, and record well-known application transactions that can then be used for an extended security assessment.
Support for Manual Security Analysis
Do you need to run restricted tests against your application? Manual security tests let you control which security tests are applied, and where, within your web application. Just point at the resource and click to initiate a very specific assessment.
| Web Engine N-Stalker | | | |
|---|---|---|---|
| Web Spider Module | V | V | (1) |
| Custom Design Errors | | | |
| Cross-site Script Injection Module | V | – | – |
| Database Tampering – SQL Injection Module, including: | V | – | – |
| - Direct mode | V | – | – |
| - Blind mode | V | – | – |
| Buffer & Integer Overflow attack Module | V | – | – |
| Format String attack Module | V | – | – |
| File & Directories Tampering Module, including: | V | – | – |
| - Backup Files Discovery | V | – | – |
| - Configuration Files Discovery | V | – | – |
| - Password Files Discovery | V | – | – |
| - Information Leakage Discovery | V | – | – |
| Parameter Tampering Module, including: | V | – | – |
| - Special Parameter Addition attacks | V | – | – |
| - Boolean Parameter Tampering attacks | V | – | – |
| - Hidden Parameter Discovery | V | – | – |
| - Parameter Deletion attacks | V | – | – |
| - Remote Execution attacks | V | – | – |
| - File & Directory traversal attacks | V | – | – |
| - Header Splitting & CRLF Injection attacks | V | – | – |
| - Remote File Include PHP-based attacks | V | – | – |
| Check for Suspicious Values in Web Form Hidden Fields | V | – | – |
| Custom Signature Check (via Signature E | V | V | V |
To run N-Stalker Web Application Security Scanner X appropriately, the following minimum requirements must be met:
- 512MB RAM (available to N-Stalker);
- At least 500MB of free hard disk space (for caching purposes);
- Win32 platform (minimum Windows XP);
- Internet connection (transparent or proxy-based) to obtain the latest updates.
For maximum performance we recommend the following hardware configuration:
- 1-2GB RAM (available to N-Stalker);
- 10GB of free hard disk space (for results and caching);
- Latest Win32 platform (Windows 7).