Penetration Testing mailing list archives
Re: Opinions on Burp Suite Web App Scanner
From: Robin Wood <robin () digininja org>
Date: Wed, 12 Oct 2011 18:14:48 +0100
On 12 October 2011 16:31, Derrenbacker, L. Jonathan <JDerrenbacker () kshgs com> wrote:
I have budget for a web app vulnerability scanner, and I was wondering if anyone has opinions on the professional version Burp Suite with the scanner option. Is the scanner any good? Accurate? This is the website if anyone doesn't know what it is: http://portswigger.net/burp/scanner.html
It is a brilliant tool, well worth the cash compared to the much more expensive alternatives. The built in scanner is fairly accurate, has a few problems with LDAP injection false positives but tends to find XSS and SQLi pretty well. Robin
Thanks, Jon ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Nmap, (continued)
- Re: Nmap Jerry (Oct 01)
- Re: Nmap Jeffory Atkinson (Oct 01)
- Re: Nmap John M. Martinelli (Oct 03)
- Opinions on Burp Suite Web App Scanner Derrenbacker, L. Jonathan (Oct 12)
- Re: Opinions on Burp Suite Web App Scanner pand0ra (Oct 12)
- Re: Opinions on Burp Suite Web App Scanner Fabio Cerullo (Oct 12)
- Re: Opinions on Burp Suite Web App Scanner Matt Gardenghi (Oct 12)
- RE: Opinions on Burp Suite Web App Scanner Ben de Bont (Oct 12)
- Re: Opinions on Burp Suite Web App Scanner Meenal Mukadam (Oct 19)
- Re: Opinions on Burp Suite Web App Scanner Yiannis Koukouras (Oct 21)
- Re: Nmap John M. Martinelli (Oct 03)
- Re: Opinions on Burp Suite Web App Scanner Robin Wood (Oct 12)