Penetration Testing mailing list archives
RE: Web Application Tester
From: <chuan.delahosseraye () accenture com>
Date: Wed, 15 Sep 2004 17:27:51 +0200
According to my previous search on a Web pen-test tools, AppScan, WebInspect and Scando are all much more expensive than AppDetective. If cost is a concern, it might be possible to combine a selection of free tools such as: - Nessus - Nikto - WebScarab - Achilles But this would involve a lot of Manual works. Hope this helps Chuan -----Original Message----- From: A.R. [mailto:r00t () northernfortress net] Sent: 15 September 2004 12:27 To: andrew () beegads com Cc: pen-test () securityfocus com Subject: Re: Web Application Tester Andrew, I don't know what's your budget, but for web applications you can try the following commercial products: - AppScan, by Sanctum (www.sanctuminc.com) - WebInspect, by Spidynamics (www.spidynamics.com) - ScanDo, by Kavado (www.kavado.com) ...Or the good ol' Paros (http://www.proofsecure.com/download.shtml), open source and free Hope this helps Alberto Revelli Northern Fortress, Inc. On Tue, 2004-09-14 at 22:49, Andrew Bagrin wrote:
Does anyone know of an application tester similar to AppDetective thats not as hard on the pocket book? I need to pentest a web app and am looking for some tools Thanks,
-- "Give me a woman who loves beer and I will conquer the world." -- Kaiser Wilhelm II ------------------------------------------------------------------------ ------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ------- This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Re: Web Application Tester, (continued)
- Re: Web Application Tester cbc (Sep 16)
- Re: Web Application Tester brennan stewart (Sep 16)
- Re: Web Application Tester Danux (Sep 15)
- Re: Web Application Tester Mambo Dsouza (Sep 16)
- Re: Web Application Tester GUsh-T (Sep 16)
- Re: Web Application Tester Darren Bounds (Sep 21)
- Re: Web Application Tester mkraisi (Sep 15)
- RE: Web Application Tester Hayden Searle (Sep 15)
- Re: Web Application Tester Mambo Dsouza (Sep 16)
- RE: Web Application Tester John Floyd (Sep 16)
- RE: Web Application Tester chuan.delahosseraye (Sep 16)
- RE: Web Application Tester A.R. (Sep 18)
- RE: Web Application Tester dseth (Sep 17)
- RE: Web Application Tester BĂ©noni MARTIN (Sep 17)
- RE: Web Application Tester Bowes, Ronald (EST) (Sep 18)
- RE: Web Application Tester Lachniet, Mark (Sep 21)
- Re: Web Application Tester petercheung (Sep 23)
- RE: Web Application Tester Todd Towles (Sep 24)