Web Scanner Test Site

Login
This site is setup to test automated Web Application scanners like NTOSpider
You can view a sample report at htt
p:/
/www.we
bscant
est.co
m/repor
t/
DB tests: DB Inject Tests Blind SQL Tests
CSRF tests: Cross Site Scripting Tests CSRF Tests
CORS tests: CORS test page
Basic tests:
OS Command Inject Tests Java Grinder Tests Directory Browse Tests Resource Finder Tests Malicious iFrame detection Web 2.0 / AJAX Tests Go nowhere. Intentional dead link File Uploads Lots of static Pages XPath Injection Tests Browser Cache Tests Business Logic Tests
There are other instances which are protected by various authentication mechanisms (http:/
/forma
uth.we
bscant
est.co
m, http:/
/basic
auth.w
ebscan
test.c
om, http:/
/duala
uth.we
bscant
est.co
m).
The form based credentials are testuser/testpass, and the HTTP Basic credentials are btestuser/btestpass.
Privacy Policy