AWVS Update
InfO
- 本仓库及相关资源仅供个人测试,请勿用于非法用途
- This warehouse and related resources are for personal testing only, please do not use them for illegal purposes
Latest 23.9.231020153
New security checks
- New Security Check: CVE-2023-20198
- New Security Check: CVE-2023-22515
Improvements
- Multiple improvements to the SSL Engine
- Improvements to the detection of CVE-2023-27524
- Improvements to the detection of SQL Injection vulnerabilities when using WAFs
Use
docker run -it -d \
--name awvs \
-p 3443:3443 \
--restart=always \
xrsec/awvs
# example xrsec/awvs:{{tags}} # https://hub.docker.com/r/xrsec/awvs/tags
# xrsec/awvs:v15.1
Edit HOSTS
sudo vi /etc/hosts
192.168.0.1 awvs.lan
RootCA 「must」
Downlaod && Install RootCA.cer
Visit Web
URL: https://awvs.lan:3443/#/login
UserName: awvs@awvs.lan
PassWord: Awvs@awvs.lan
Previous 23.9.231013139
Fixes
- Fix for XML Export
Improvements
- Multiple improvements to the SSL Engine
XRSec has the right to modify and interpret this article. If you want to reprint or disseminate this article, you must ensure the integrity of this article, including all contents such as copyright notice. Without the permission of the author, the content of this article shall not be modified or increased or decreased arbitrarily, and it shall not be used for commercial purposes in any way