WebApp Sec mailing list archives
RE: Comparison report on web app security scanners
From: "Mark Curphey" <mark () curphey com>
Date: Fri, 19 May 2006 06:59:35 -0400
Hacme Bank 2 is on the Foundstone web site today as is an updated version of Hacme Books. Hacme Shipping, Flowers, Travel and Casino will all be released within the month to promote a 1 day software security road show we are doing across the states in June. A whole bunch of other very cool free tools including one that produces graphical maps of web sites for testing plans / scope and a source code review toolkit called CodeScout. All free of course. -----Original Message----- From: solutions_PHP [mailto:support () solutionsphp com] Sent: Thursday, May 18, 2006 11:59 AM To: webappsec () securityfocus com Subject: Re: Comparison report on web app security scanners I found Hackme Bank easily enough... http://tinyurl.com/n2jn3 but a Google search did not reveal where I might find Hacme Flowers or Hacme Casino. These sound like great tools and I'd love to take them for a spin! cheers SAM :) Bogdan Calin wrote:
These applications are publicly available? If yes, where can I download them? -----Original Message----- From: "Mark Curphey" <mark () curphey com> To: <webappsec () securityfocus com> Date: Wed, 17 May 2006 09:20:45 -0400 Subject: RE: Comparison report on web app security scannersHacme Bank 2 (coded by Dinis Cruz) was rewritten from the ground up to be a real world ASP.NET app. FYI there is also now Hacme Flowers (PHP), Hacme Books (Java), Hacme Shipping (ColdFusion), Hacme Travel (C++) and now Hacme Casino (Ruby on Rails and AJAX) which makes it an interesting test bed.
-- Sam Stevens, solutions_PHP http://www.solutionsphp.com/ Open source? Of course! phpdirectory - a coder's arsenal http://www.phpdirectory.com/ ************************************************** Tired of sifting through all that SPAM? We recommend using MailWasher, an excellent tool for socking it to spammers. Download a free trial: http://fta.firetrust.com/index.cgi?id=5966&page=1 ************************************************** IMPORTANT - CONFIDENTIAL INFORMATION Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire named worldwide market share leader in web application security assessment by leading market research firm. Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download a Free Trial of AppScan 6.0 today! https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007t9c -------------------------------------------------------------------------- ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire named worldwide market share leader in web application security assessment by leading market research firm. Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download a Free Trial of AppScan 6.0 today! https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007t9c --------------------------------------------------------------------------
Current thread:
- RE: Comparison report on web app security scanners, (continued)
- RE: Comparison report on web app security scanners Holger.Peine (May 16)
- RE: Comparison report on web app security scanners Ory Segal (May 16)
- Re: Comparison report on web app security scanners Jeremiah Grossman (May 17)
- RE: Comparison report on web app security scanners Mark Curphey (May 18)
- Re: Comparison report on web app security scanners Zaninotti, Thiago (May 18)
- Re: Comparison report on web app security scanners Jeremiah Grossman (May 17)
- Re: Comparison report on web app security scanners Eoin (May 17)
- RE: Comparison report on web app security scanners Mark Curphey (May 17)
- RE: Comparison report on web app security scanners Bogdan Calin (May 18)
- Re: Comparison report on web app security scanners solutions_PHP (May 18)
- Re: Comparison report on web app security scanners Bogdan Calin (May 18)
- RE: Comparison report on web app security scanners Mark Curphey (May 19)
- WAF learning ability limitation? matt farey (May 19)
- Re: Comparison report on web app security scanners solutions_PHP (May 19)