Penetration Testing mailing list archives

Re: Web Application Scanners Comparison

From: anantasec <anantasec () googlemail com>
Date: Wed, 28 Jan 2009 06:06:17 +0200

I'm glad I could help.
Yes, this is also my opinion: A tool is only as better as the person using it.
The results from these scanners should be reviewed by a knowledgeable human.
These tools are designed to help (not replace) a human.

It makes me smile when I read on some vendor website: Our tool
"Assures PCI Compliance including 6.6". An automated tool would never
do that.

On 1/28/09, Dotzero <dotzero () gmail com> wrote:

anantasec,

I just did a quick read of your report. Thanks for making it
available. I think the main take away for me is that it reconfirms
that they are just tools and depending on the operator (experience)
mileage may vary.



-- 
http://anantasec.blogspot.com

Current thread:

Web Application Scanners Comparison anantasec (Jan 27)
- Message not available
  - Re: Web Application Scanners Comparison anantasec (Jan 27)
    - Re: Web Application Scanners Comparison Andre Gironda (Jan 28)
    - Re: Web Application Scanners Comparison anantasec (Jan 28)
- Re: Web Application Scanners Comparison love.wadhwa () naukri com (Jan 28)
  - Re: Web Application Scanners Comparison anantasec (Jan 28)
- Re: Web Application Scanners Comparison Dotzero (Jan 28)
  - Re: Web Application Scanners Comparison anantasec (Jan 28)
- Re: Web Application Scanners Comparison Roman Medina-Heigl Hernandez (Jan 28)
  - Re: Web Application Scanners Comparison anantasec (Jan 28)
- Message not available
  - Re: Web Application Scanners Comparison anantasec (Jan 28)
- Re: Web Application Scanners Comparison Derek Fountain (Jan 28)
- Re: Web Application Scanners Comparison Adriel T. Desautels (Jan 28)
  - Re: Web Application Scanners Comparison anantasec (Jan 28)