Re: Web App Scan tool

["Bradley, Stephen W. Mr." <bradlesw () MUOHIO EDU>]

We have been happy with HP's WebInspect.


It however is not what you would call inexpensive.


Stephen W. Bradley GCIH CISSP SSCP

Network Security Specialist

Miami University

Security Engineering

Computing & Communication Services

513-529-8129

bradlesw () muohio edu<mailto:bradlesw () muohio edu>


"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
    Benjamin Franklin, Historical Review of Pennsylvania, 1759
http://www.fairtax.org
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Christopher Jones
Sent: Wednesday, November 26, 2008 11:23 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Web App Scan tool

Hi Mark,

You might want to take a look at the Web Vulnerability Scanner product from Acunetix.  It looks to have some very good 
features, and at the same time, is reasonably priced.



Regards,
Christopher Jones
IT Security Administrator
Information Technology Services
University of the Fraser Valley
33844 King Road
Abbotsford, BC  V2S 7M8
604.854.4566
Christopher.Jones () ufv ca<mailto:Christopher.Jones () ufv ca>

[cid:image001.jpg@01C94FBA.FA756A00]



> > > Mark Monroe <markm196 () NETSCAPE NET> 11/21/2008 2:10 PM >>>
I need to test some web apps. I am not fantastic at this. I am looking
for a tool to help and due to a total lack of funds right now I cannot
buy anything. I need to check for the usual things like x site scripting
and sql injection and one of the apps generates a token and passes it on
to another site and I need to make sure that can not be "messed" with too.

any suggestions?

Mark Monroe
UMSL