Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Web Application Testers.

From: "Kevin Spett" <kspett () mediaone net>
Date: Mon, 24 Sep 2001 17:12:23 -0700
    WebInspect is designed specifically for web application security
assessments.  There's a fully-functional evaluation download.
www.spidynamics.com/download.html
    Also check out the "On web application audits" thread on the
www-mobile-code list from this week. Norman Cook's post goes into detail on
tools.
http://www.securityfocus.com/cgi-bin/archive.pl?id=107&mid=215692&start=2001
-09-21&end=2001-09-27


    Kevin.

----- Original Message -----
From: "Dom De Vitto" <Dom () DeVitto com>
To: <pen-test () securityfocus com>; <vuln-dev () securityfocus com>
Sent: Monday, September 24, 2001 7:17 AM
Subject: Web Application Testers.



I've just been reading about Sanctum's AppScan, which appears to be on the
right track, but I've nothing to compare it to...

Any advice/experience.

FYI, AppScan breaks/subverts web applications -  there are plenty of tools
to break web servers (apache/IIS), but it looks like appscan is on it's

own

on the test-the-bespoke-web-app front.

Thanks all, in advance,
Dom



--------------------------------------------------------------------------

--

This list is provided by the SecurityFocus Security Intelligence Alert

(SIA)

Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please

see:

https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: