Re: web application scanner question

["Rodrigo Montoro(Sp0oKeR)" <spooker () gmail com>]

Just to complement N-Stalker is not new (10 years old company)

N-Stalker® was created in April 2000 by information security
technology specialists, aiming at providing solutions to protect
corporations and individuals against digital threats that affect
information systems. Since then, our research & development laboratory
has been working non-stop on security researches, producing web attack
detection controls for the past years.

http://nstalker.com/about

In the beginning it was released as N-Stealth .

Regards,

On Mon, Jan 11, 2010 at 6:22 PM, Adrian Puente Z.
<puenteadrian () gmail com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I recommend Acunetix. We have been using those apps for a long time now
> and It does everything you said you need. It can be kind of aggressive
> though.
>
> http://www.acunetix.com/
>
>  I also recommend NStalker. It's kinda new but it helps to compare the
> results with the Acunetix.
>
> http://www.nstalker.com/
>
> Greets,
>
>
> Ryan Giobbi wrote:
> > Hello pen-test readers,
> >
> > I'm looking for recommendations on an easy-to use web application
> > scanner. It doesn't need to be free. It can be an application or
> > server-based. I'd like to avoid appliances.
> >
> > I need one that can do the below.
> > * handle form, cookie, HTTP, and NTLM authentication
> > * provides reporting and logging in a sane format
> > * easy to configure, launch and run.
> > * test HTML, HTTP headers, script and very basic SSL problems
> >
> > I'm not worried about missing critical but hard-to-find
> > vulnerabilities or issues in various browser plugins. In terms of
> > accuracy, the tool should catch the most common issues (xss, plain
> > text credentials, injection, etc) quickly.
> >
> > Thanks for the opinions!!
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Information Assurance Certification Review Board
> >
> > Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> > and CEPT certs require a full practical examination in order to become certified.
> >
> > http://www.iacertification.org
> > ------------------------------------------------------------------------
>
> - --
> Adrián Puente Z.
> [www.hackarandas.com]
> Donde las ideas se dispersan en bytes...
>
> "... ruego a mi orgullo que se acompañe siempre de mi prudencia,
> y si algún día mi prudencia se echara a volar, que al menos
> pueda volar junto con mi locura"
>        --Nietzche
>
> Huella: FBD6 4C36 2557 C64C 1318  70A8 F561 CB6F 4E40 5AFB
> http://www.hackarandas.com/apuente_at_hackarandas.com.asc.gz
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAktLiHUACgkQW2tF/eN2yfYpQACdFnKylFGho2s5qmX05KHRrCXk
> DlwAoICKg4MkY13cOJjDjgNKM1u1EGEQ
> =8A8s
> -----END PGP SIGNATURE-----
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------



-- 
Rodrigo Montoro (Sp0oKeR)
http://www.spooker.com.br
http://www.twitter.com/spookerlabs
http://www.linkedin.com/in/spooker

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------