1. SQL injection :
2. XSS scanner :
- Error based: it scans for vulnerable websites based on common SQL errors for variety of databases.
- Difference (true/false) scan: it scans for sites that do not display SQL errors but yet are vulnerable , the concept behind this scan is true / false query to the database which will give different answers which will then be scanned and in case of difference in length and content site will be considered vulnerable.
it encrypts XSS vector and tries to scan result from web server , if XSS vector is found inside source than site is vulnerable. It only uses GET request to web server. NOTE: It will scan for XSS vector but it will not test if alert or any other event really happened.
3. Admin scanner :
it scans for admin login locations , based on default list or any other that you have supplied.Response code 200 and 306 is considered success.
4. Shared hosting scanner :
it send request to sameip.org and then parses html for pages