Educause Security Discussion mailing list archives

Re: Web App Scan tool

From: "Beechey, Jim" <beechey () NORTHWOOD EDU>
Date: Sun, 23 Nov 2008 23:32:53 -0500

Mark

I just started playing with the Samurai Web Testing Framework which is a collection of open source web app testing 
tools on a linux live cd.  Haven't done much with it yet, but looks promising.  Currently it is a "development" release 
though so there may be bugs.  http://samurai.inguardians.com/

Jim

Jim Beechey
Associate Director, Networks and Information Security
Northwood University

________________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mark Monroe 
[markm196 () NETSCAPE NET]
Sent: Friday, November 21, 2008 5:10 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Web App Scan tool

I need to test some web apps. I am not fantastic at this. I am looking
for a tool to help and due to a total lack of funds right now I cannot
buy anything. I need to check for the usual things like x site scripting
and sql injection and one of the apps generates a token and passes it on
to another site and I need to make sure that can not be "messed" with too.

any suggestions?

Mark Monroe
UMSL

Current thread:

Web App Scan tool Mark Monroe (Nov 21)
- <Possible follow-ups>
- Re: Web App Scan tool St Clair, Jim (Nov 21)
- Re: Web App Scan tool Beechey, Jim (Nov 23)
- Re: Web App Scan tool Christopher Jones (Nov 26)
- Re: Web App Scan tool Bradley, Stephen W. Mr. (Nov 26)
- Re: Web App Scan tool Dawson,Scottie (Nov 26)
- Re: Web App Scan tool Randy Marchany (Nov 26)