Security Basics mailing list archives
Re: Web Application Scanners
From: octopaz () yahoo fr
Date: 23 Nov 2005 17:07:32 -0000
Hello, I am also testing applications and am quite in a dilemma : everybody seems to approove webinspect superiority, yet, I found after evaluation that in spite of all its customization potential, the scan result was far less complete (in number of existing threats found), espacialy in cross site scripting, than appscan'scan result. The only quite bright agent I found was the one that enable to find blind sql injection : it is intellingent enough to do atonnishing things. Did I miss something in the use of webinspect ?
Current thread:
- Re: Web Application Scanners octopaz (Nov 24)