Sandcat is multi-process remote web application security scanner. It maps the entire web site structure ( all links , forms , XHR requests and other entry points) and tries to find custom,unique vulnerabilities by simulating a wide range of attacks/sending thousands of requests (mostly GET and POST). It also tests for SQL Inection, XSS, File inclusion and many other web application vulnerability classes. Sandcat's code scanning functionality automates the process of reviewing the web application's code . Source : CEH Lectures ...
SQL Injection , XSS , CRSF , Security misconfiguration and CSSLP