Penetration Testing mailing list archives

Re: OWASP Top 10 penetration testing software?


From: martin.mngoma () gmail com
Date: Tue, 28 Feb 2012 20:15:56 +0000

Hi 

I am not sure about the "inexpensive" part as I don't know your budget, but the top 10 threats can be tested using
Acunetix - vulnerability scanner - that's what I use.

There is only one shortfall with this tool: it doesn't support Silverlight applications. Otherwise it's very powerful,
especially when you use it with the add-on called AcuSensor, which eliminates false positives.

Please let me know if there is anything else or tools I may help you with.

Thanks
Martin



-----Original Message-----
From: webcat <matthew.mckinzie () lewin com>
Sender: listbounce () securityfocus com
Date: Tue, 28 Feb 2012 11:35:59 
To: <pen-test () securityfocus com>
Subject: OWASP Top 10 penetration testing software?


Hi, for one of my websites, I have been required to use a web application
scanner that tests against the OWASP Top Ten threats. I'm looking for a
scanner that does this that is inexpensive or free.

Possible scanners I've found for this include the OWASP Zed Attack Proxy
Project, Sonar, and w3af, but none of these explicitly tests against the
OWASP Top Ten threats (at least not that I can tell).

Does anyone know of a scanner that does test against the OWASP Top Ten
threats? Thank you!

