Re: FW: Tools comparison and evaluation question (AppScan)

[Xyberpix <xyberpix () xyberpix com>]

I use WebInspect pretty much ona  daily basis, and wouldn't trade it for anything.
As far as tools go, it really is a worthwhile addition.

xyberpix

On Fri Feb 17 12:47 , 'Burke, Charles' <Charles_Burke () HomeDepot com> sent:

> -----Original Message-----
> From: Burke, Charles 
> Sent: Friday, February 17, 2006 7:47 AM
> To: 'Serg Belokamen'
> Subject: RE: Tools comparison and evaluation question (AppScan)
>
>
> Also, WebInspect is a very good (commercial) tool.  It also includes
> some invaluable utilities (Sql Injector, etc) that are a step above
> their open source competitors.
>
> -----Original Message-----
> From: Serg Belokamen [serg.belokamen () gmail com] 
> Sent: Friday, February 17, 2006 2:04 AM
> To: webappsec () securityfocus com
> Subject: Tools comparison and evaluation question (AppScan)
>
>
> Hi All,
>
> I am currently looking at using/evaluating a tool called AppScan (by
> watchfire.com).
>
> So the question is in two parts and ASAP reply would be greatly
> appreciated.
>
> First:
> Without starting a flame war (hopefully) or marketing campaign (another
> hopefully) can any one tell me abut their experience with the software,
> what you find useful about it, what not, any annoyances, missing
> functionality, etc.
>
> Second:
> Can anyone recommend any simular type of software, preferably open
> source (although not at all essential), and describe its performance,
> usability and "usefulness" so to speak using AppScan as a reference
> point.
>
>   Thanks,
>       Serg
>
> ------------------------------------------------------------------------
> -
> This List Sponsored by: SpiDynamics
>
> ALERT: "How A Hacker Launches A Web Application Attack!" 
> Step-by-Step - SPI Dynamics White Paper
> Learn how to defend against Web Application Attacks with real-world 
> examples of recent hacking methods such as: SQL Injection, Cross Site 
> Scripting and Parameter Manipulation
>
> https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gR
> l
> ------------------------------------------------------------------------
> --
>
>
> -------------------------------------------------------------------------
> This List Sponsored by: SpiDynamics
>
> ALERT: "How A Hacker Launches A Web Application Attack!"
> Step-by-Step - SPI Dynamics White Paper
> Learn how to defend against Web Application Attacks with real-world
> examples of recent hacking methods such as: SQL Injection, Cross Site
> Scripting and Parameter Manipulation
>
> https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
> --------------------------------------------------------------------------


-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics

ALERT: "How A Hacker Launches A Web Application Attack!" 
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world 
examples of recent hacking methods such as: SQL Injection, Cross Site 
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------