VulnSign Dynamic Application Security Testing

VulnSign Dynamic Application Security Testing is a web application security scanner that detects vulnerabilities in web applications, microservices, and APIs. The tool tests for OWASP Top 10 vulnerabilities and uses advanced crawling technologies to scan script-heavy sites and applications. The platform includes VulnSign Radar infrastructure for detecting out-of-band vulnerabilities such as Server Side Request Forgery (SSRF), blind XSS, XXE injection, and Log4j vulnerabilities. It can identify SQL injection, code injection, cross-site scripting, remote file inclusion, local file inclusion, and file upload vulnerabilities. VulnSign supports authentication configuration to scan password and MFA-protected areas. The scanner offers configurable options including crawling and attacking parameters, custom cookies, header authentication, and maximum scan duration settings. Users can control concurrent activities and TCP connections during scans. The tool provides instant scan results and real-time monitoring, displaying crawled pages, attack progress, waiting links, finished scans, and detected vulnerabilities as the scan progresses. Scan scheduling is available with options for daily, weekly, monthly, or quarterly frequency. Users can schedule both full and incremental scans with customizable time windows. Target verification is required for full scans through file upload or DNS record methods. The platform supports various target formats including hostnames, IPv4, and IPv6 addresses. VulnSign integrates into CI/CD pipelines for automated security testing during development workflows.