WebApp Sec mailing list archives
Re: Recommendation for web app scanner
From: Eric Marden <security () xentek net>
Date: Tue, 26 May 2009 07:23:31 -0400
I assume you're already using the free tools, like those contained on the AppSecLive.org live cd?
Eric Marden xentek: enlightened internet solutions http://xentek.net/ On May 22, 2009, at 4:05 PM, Randal T. Rioux wrote:
Watchfire (AppScan) was great until IBM bought them (the Symantec syndrome...). WebInspect was great until HP bought them (HP just sucks all around). It's a tough market for management friendly report generating Web app scanners.NIST keeps a nice list: http://samate.nist.gov/index.php/Web_Application_Vulnerability_Scanners.htmlI tested Hailstorm once, it didn't perform as well as I hoped for the asking price. Good luck!RandyI need a new web app scanner with features similar to Acunetix for around the same price. We've been using Acunetix for a few years, but they won't return my calls (is 3 enough?) to renew, so I'm moving on. I'm not experienced enough to do my own assessment by hand. I can't afford web app services like White Hat. Any help would be appreciated.
Current thread:
- Recommendation for web app scanner Joe S (May 22)
- Re: Recommendation for web app scanner mittalu (May 25)
- RE: Recommendation for web app scanner SecLists Ertech Systems (May 25)
- Re: Recommendation for web app scanner Rory McCune (May 25)
- Re: Recommendation for web app scanner Matias N. Sliafertas (May 25)
- <Possible follow-ups>
- RE: Recommendation for web app scanner Randal T. Rioux (May 25)
- RE: Recommendation for web app scanner Brian Shura (May 25)
- Re: Recommendation for web app scanner Randal T. Rioux (May 26)
- Re: Recommendation for web app scanner Eric Marden (May 26)
- RE: Recommendation for web app scanner Brian Shura (May 25)