CANVAS 網頁安全測試工具-資訊資安軟體/新永資訊有限公司

CANVAS 網頁安全測試工具

CANVAS 網頁安全測試工具
編號
類別

資訊資安軟體
介紹

Immunity 的 CANVAS 為全球的滲透測試人員和安全專業人員提供了數百個漏洞利用、一個自動化漏洞利用系統和一個全面、可靠的漏洞利用開發框架。
價格

推文

產品規格
CANVAS web security testing tool
系統需求

CANVAS web security testing tool

Architecture
The fully open design of CANVAS allows the team to
adjust CANVAS to their environment and needs.
Documentation
All documents are provided in the form of demo
movies
The exploit module has additional information
Currently more than 800 exploits
Immunity will carefully select vulnerabilities as CANVAS exploits. The top priority is high-value vulnerabilities, such as remote, pre-authentication, and new vulnerabilities in mainstream software.
Exploits span all common platforms and applications
Payload options
In order to provide maximum reliability, exploits always
try to reuse sockets
If socket reuse is not appropriate, use back to connect
The subsequent MOSDEF session allows arbitrary code
execution and provides a listener shell for common operations (file management, screenshots, etc.)
Automatically provide bounce and split bounce through MOSDEF
Adjustable concealment level
Use delivery
Provide monthly regular updates via the web
The exploit module and the CANVAS engine are
updated at the same time
Remind customers to update monthly via email
Use creation time
Once the exploit is stable, it will be included in the next
version Effectiveness of exploit All exploits undergo a
comprehensive quality check before release
Exploitation of the vulnerability demonstrated through
the Flash movie
Support from the development team can be obtained
through direct email
Ability to exploit custom vulnerabilities
Unique MOSDEF development environment allows rapid development
Product support and maintenance
Subscription includes email and phone support MF 9 am to 5 pm Eastern Standard Time, direct contact with the
development team
Update at least monthly
Development
CANVAS is a platform designed to allow easy development of other security products. Examples include DSquare's D2 Exploitation Pack, Intevydis' VulnDisco, Gleg's Agora, and SCADA

CANVAS web security testing tool

OS:
CANVAS is written and designed to be run on Linux. While Windows and OSX are supported platforms, Linux is
where CANVAS really shines.
If you are tied to Windows as part of corporate IT policy, CANVAS also runs well in a VM (see the requirements
above). For Linux, any modern desktop distribution with solid package management will work. We recommend:
Ubuntu
Fedora
Windows users
Windows users can download a zip file with all the dependencies (except pycrypto) and installation instructions for that platform from Immunity.

Due to export-control restrictions, we can not ship the pycrypto libraries. You can download a binary installer for Windows at the link shown below.

Download Windows dependencies
PyCrypto binary installer for Windows
Mac OSX User
OSX users can download an installer with most dependencies for that platform from Immunity. You can then download CANVAS as a zip/tar file that you decompress and run CANVAS_ROOT/runcanvas.sh. Please note you would still need to install pyasn1 on your own.
Download OSX dependency installer