RE: Web Application Source Vulnerability Scanners

[securityarchitect () hush com]

I know this list doesn't cater for commercial tool discussions specifically so choosing words carefully moderator ;-)

To counter that you should look at the latest review of commercial tools. All failed pretty miserably and the general 
recomendation was to wait until the next generation of tools come out.

http://www.infosecuritymag.com/2003/jan/cover.shtml


On Tue, 04 Mar 2003 07:25:02 -0800 Ory Segal <ory.segal () sanctuminc com> wrote:
> Hi,
>
> The problem with most open source tools is that they are very strong 
> in 
> CGI Scanning, but when it comes to mutating real HTTP requests, 
> and 
> testing the web application layer, they lack good engine features. 
> They 
> do not have features such as:
> 1) Application level tests such as manipulation of : HTML form 
> parameters (SQL Inj., Buffer Overflows, Poison null byte, Format 
> strings 
> bugs, Cookies, HTTP Headers etc...)
> 2) Automatic testing validation.
> 3) Good reporting abilities
> 4) Session management/Transient management - Keeping the scanner 
> 'in 
> session'. This gives you the ability to scan web applications that 
> force 
> you to login, and may kick you out of session, if you caused some 
> error 
> - I believe that most large web apps have this. I believe that AppScan 
>
> is the only scanner to perform this action.
> 5) Good performance
> 6) Contstant updates.
> 7) Logging of raw HTTP traffic
> 8) The ability to easily implement new tests.
>
> -Ory Segal.



Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427