VOOKI - Free Vulnerability Scanner (DAST Tool)

Audit your web security with Vooki. It is a free web application vulnerability scanner which gives us a perfect scan report about the scanned networks, applications. It is a user-friendly tool that you can easily scan any web application and find security vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner and reporting section.

50000+ Downloads

Yaazhini - Free vulnerability scanner for android APK and API.

Prithvi - Report generation tool for Security Assessment.

System Requirements

Operating Systems Mac OSX(64bit), Windows(64bit & 32bit)
RAM Minimum Usage 4GB of available memory. 16GB required for larger Websites
Storage 10GB of available disk space

Use website vulnerability scanner for Third Party

If you are a web development firm, you can show your clients the security scan reports and prove that you have implemented the proper security tool for security measures in the web applications.

VOOKI - Free Vulnerability Scanner (DAST Tool)

Vooki have two modules which are

  • VOOKI - Free Web Application Vulnerability Scanner
  • VOOKI - Free REST API Vulnerability Scanner
Vooki Application Vulnerability Scanner

Web Application Scanner

Vooki web application scanner is an automated tool to scan and detect vulnerabilities in web applications. Our tool help in finding out vulnerabilities with ease. Vooki is very easy and effective.

Web Application Vulnerability Scanner

Vooki – Web Application Scanner can help you to find the following attacks

  • SQL Injection.
  • Command Injection.
  • Header Injection.
  • Cross-site scripting – reflected.
  • Cross-site scripting – stored.
  • Cross-site scripting – dom based.
  • Missing security headers.
  • Malicious JS script execution.
  • Using components with known vulnerabilities.
  • Jquery Vulnerabilities.
  • Angularjs Vulnerabilities.
  • Bootstrap Vulnerabilities.
  • Sensitive Information disclosure in response headers.
  • Sensitive Information disclosure in error messages.
  • Missing Server Side Validation.
  • Javascript Dynamic Code Execution.
  • Sensitive Data Exposure and 50+ more

How to use Vooki Web Vulnerability Scanner

In the Vooki web application scanner, we have many types of scans, those scan types are as follows:

Full Scan

Full Scan checks all the collected URLs from the browser. It includes web spidering and CSRF token bypass. Full Scan checks all the web application vulnerabilities. This is the scan we recommend you to perform on your website.

Steps to perform Full Scan

  • Start Application.
  • Connect the browser proxy to Vooki port.
  • Visit all the pages of your web application.
  • Right-click on node appearing on Vooki tool and click on the scan.
  • After the scan gets completed right click on the project and generate.

Basic Scan

Basic scan checks the URLs which are collected from spidering. The basic scan is good for the websites do not have authentication. Basic Scanner has the facility to save scanned data and generate the report.

Steps to perform Basic Scan

  • Start Application.
  • Provide the full URL and click on Scan.
  • After the scan gets completed right click on the project and generate.

Spidering

Vooki Spidering performs in-depth scanning in your website. You can identify the webpages exposed on the website, based on the collected URL's available in `Captured URL` tab.

Steps to perform Spidering

  • Start Application.
  • Provide the full URL and click on Scan.

Domain & Host Scan

Domain and Host scanner scans your website and finds information about it. That information is as follows

  • Server information
  • DNS information
  • Open Ports of server
  • Archive information of server
  • Geo Information of server
  • SSL certificate
  • who is information of domain

Steps to perform Domain & Host Scan

  • Start Application.
  • Provide the full URL and click on Scan.

Rest API Scanner

Vooki REST application scanner is an automated tool to scan and detect vulnerabilities in REST API. Our tool help in finding out the vulnerabilities with ease. Vooki is very easy and effective. Vooki includes features to import the data from Postman.

Rest API Scanner

Vooki – Rest API Scanner can help you to find the following attacks

  • SQL Injection
  • Command Injection
  • Header Injection
  • Cross-site scripting – reflected.
  • Cross-site scripting – stored.
  • Cross-site scripting – dom based.
  • Missing security headers
  • Sensitive Information disclosure in response headers
  • Sensitive Information disclosure in error messages
  • Missing Server Side input Validation
  • Unwanted use of HTTP methods
  • Improper HTTP Response and 50+ more

How to use Vooki Rest Scanner

Steps to perform Vooki REST Scan

  • Start Application.
  • Create a new Project.
  • Add the new request in the created project.
  • Provide proper headers, URL, and data.
  • Save and run the scan from the menu bar.
  • After scan gets completed click on generate report from the menu bar.

Sample Reports for Vooki

Vooki Sample report starts with a quick summary of the findings and risk ratings. Each finding has a detailed explanation in terms of risk and recommendations about the vulnerability. The vulnerabilities are ordered by the risk level.
Get Here: Free Web Application Vulnerability Scanner sample report.

.

Vooki Sample report starts with a quick summary of the findings and risk ratings. Each finding has a detailed explanation in terms of risk and recommendations about the vulnerability. The vulnerabilities are ordered by the risk level.
Download the Rest API Scanner sample report.