Vooki Features
Web Application Scanner
- Simple scanning method.
- Easy user interface
- Crawl huge sites with ease.
- Finds hidden endpoints.
- New vulnerabilities are revealed on dashboard as soon as they found.
- Vulnerabilities are categorised as High, Medium, Low and Information.
- Give developers the details of vulnerability to fix security issues on their own.
- Highlight the exact lines of code that need to be fixed.
- Raise Jira tickets to developers with one click from Vooki
- Supports every type of authentication through the browser interface.
- Encoder/Decoder
- Encryption/Decryption
- Hashing
- HTML
- OWASP 2021
- OWASP 2017
- OWASP API 2019
- PCI DSS
- CWE
- Firefox (inbuilt)
- Google Chrome
- Microsoft Edge
- Manual configuration (any browser)
REST API Scanner
- Vooki provides feature to add projects and API with ease.
- Vooki provides simple user interface to fill API details such as headers and body.
- New vulnerabilities are revealed on dashboard as soon as they found.
- Vulnerabilities are categorised as High, Medium, Low and Information.
- Give developers the details of vulnerability to fix security issues on their own.
- Highlight the exact lines of code that need to be fixed.
- Import Postman collection.
- Import Postman environment variable.
- HTML
- OWASP 2021
- OWASP 2017
- OWASP API 2019
- PCI DSS
- CWE
Trusted by over 450+ companies of all sizes.
Choose the package that matches your needs
Installation just takes less than a minute. To believe it, we delightedly offer you the free version of our Vooki for trail usage. Just enjoy and believe the magic!
Difference between Pro and Free Version of Vooki
- Unlimited web application scan (1 scan at a time)
- 20 REST API only can be added
- Concurrent scans
- Scheduled scans
- Scan in Queue
- Command Line scan
- Scan authentication (Fetch from proxy, enter cookie manually)
- 10000+ security checks
- Multiple scan types
- Penetration testing tools ( interceptor, composer, compare )
- Crawler
- Detailed report about the vulnerabilities including remediation
- HTML reporting (standard format, OWASP 2021, OWASP 2017, OWASP API 2019, PCI-DSS, CWE)
- Import/Export of web scanned data
- PDF reporting (standard format, OWASP 2021, OWASP 2017, OWASP API 2019, PCI-DSS, CWE)
- Import/Export of REST API projects
- Import/Export Postman collections
- Help center
- Commercial use
- Predefined SLA
- Jira integration
- CL/CD pipeline support
- Unlimited web application scan
- Unlimited REST API can be added
- Concurrent scans
- Scheduled scans
- Scan in Queue
- Command Line scan
- Scan authentication (Fetch from proxy, enter cookie manually, simple form and complex form)
- 10000+ security checks
- Multiple scan types
- Penetration testing tools ( interceptor, composer, compare )
- Crawler
- Detailed report about the vulnerabilities including remediation and classification
- HTML reporting (standard format, OWASP 2021, OWASP 2017, OWASP API 2019, PCI-DSS, CWE)
- Import/Export of web scanned data
- PDF reporting (standard format, OWASP 2021, OWASP 2017, OWASP API 2019, PCI-DSS, CWE)
- Import/Export of REST API projects
- Import/Export Postman collections
- Help center
- Commercial use
- Predefined SLA
- Jira integration
- CL/CD pipeline support
VOOKI - REST API Vulnerability Scanner
Vooki’s REST application scanner is an automated tool to scan and detect vulnerabilities in the REST API at ease. Relating to API testing, Vooki also includes features to import the required data from Postman.
Vooki’s REST API vulnerability scanner is specially designed:
- To scan the API's in an application.
- To identify the security flaws in it.
- To demonstrate the vulnerabilities in an understandable manner.
To check this, all you need to do is just execute the API and then run the scan for beholding the sight of security vulnerabilities identified in it.
Features of Vooki REST API Vulnerability Scanner:
- Reports with all relevant remediation.
- Environment variables.
- Imports collection and environment variables from Postman.
Sample Report of Vooki REST API Vulnerability Scanner:
Vooki’s sample report starts with a quick summary of the risk findings and its ratings. Each finding has a detailed explanation in terms of risk and recommendations about the vulnerability. The vulnerabilities are classified based on the risk level. For your reference, you’re most welcome to download and see the sample report.
Vooki’s REST API scanner sample reportVOOKI - Web Application Vulnerability Scanner
Vooki's web application security scanner is an automated tool to effectively scan and detect many underlying vulnerabilities in web applications in a few minutes. These vulnerabilities include not just the easier ones, but the issues takes strenuous human efforts to identify, with least false positive rates compared to many other vulnerability scanners. Web application scanning done with Vooki offers all its users a sense of satisfaction as it has all the modules to perform scanning on a holistic approach. For earning your trust, besides the commercial version, a free version is also available.
Full Scan
Full Scan checks all the collected URLs from the browser. It includes web-spidering and CSRF token bypass. Full Scan checks all the pages of the target web application, detects complex login mechanisms and scans the pages behind the authorization for vulnerabilities. This is the scan we highly recommend you to perform on your website.
Basic Scan
The basic scan is good for websites that do not have authentication and static websites. This basic scan includes a crawler by default. So Basic Scan crawls first, collects the URLs from the website, starts the scan and ultimately provides with the most reliable results.
Penetration Testing
Penetration Testing tab consists of HTTP(S) interceptor and a HTTP request composer. You can edit the HTTP request, drop it and send it to the server. This unique facility in Vooki will help you to perform efficient penetration testing.
Crawler
Vooki crawler performs an in-depth scanning of your website and presents the list of web pages available on the domain. Collected URL’s will be available in the captured URL tab.
Domain & Host Scanner
Domain & Host Scanner scans your entire website and gets various significant information about Open ports, Server, DNS information, Web archive, Certificate information, Geo location of server and ‘Who is’ data.
Cryptography
Cryptography section consists of the below modules:
- Encoder/Decoder
- Encryption
- Hashing
Sample Report of Vooki Web Application Vulnerability Scanner:
Vooki’s sample report starts with a quick summary of the risk findings and its ratings. Each finding has a detailed explanation in terms of risk and recommendations about the vulnerability. The vulnerabilities are classified based on the risk level. For your reference, you’re most welcome to download and see the sample report.
Vooki’s web application vulnerability scanner sample report.