Vulnerability Development mailing list archives
Re: Web Application Testers.
From: "Kevin Spett" <kspett () mediaone net>
Date: Mon, 24 Sep 2001 17:12:23 -0700
WebInspect is designed specifically for web application security assessments. There's a fully-functional evaluation download. www.spidynamics.com/download.html Also check out the "On web application audits" thread on the www-mobile-code list from this week. Norman Cook's post goes into detail on tools. http://www.securityfocus.com/cgi-bin/archive.pl?id=107&mid=215692&start=2001 -09-21&end=2001-09-27 Kevin. ----- Original Message ----- From: "Dom De Vitto" <Dom () DeVitto com> To: <pen-test () securityfocus com>; <vuln-dev () securityfocus com> Sent: Monday, September 24, 2001 7:17 AM Subject: Web Application Testers.
I've just been reading about Sanctum's AppScan, which appears to be on the right track, but I've nothing to compare it to... Any advice/experience. FYI, AppScan breaks/subverts web applications - there are plenty of tools to break web servers (apache/IIS), but it looks like appscan is on it's
own
on the test-the-bespoke-web-app front. Thanks all, in advance, Dom --------------------------------------------------------------------------
--
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/
Current thread:
- Re: Web Application Testers. Dennis Groves (Sep 25)
- <Possible follow-ups>
- Re: Web Application Testers. Kevin Spett (Sep 25)
- Re: Web Application Testers. Lists (Sep 25)
- RE: Web Application Testers. Yonatan Bokovza (Sep 25)