WebApp Sec mailing list archives
RE: FW: Tools comparison and evaluation question (AppScan)
From: "David Munge" <david.munge () equallykeen com>
Date: Fri, 17 Feb 2006 16:41:01 -0000
Does anybody in the Forum have experience in utilizing the WSDL down load from WebInspek, or other scanners to configure their WAF solutions. David Munge -----Original Message----- From: Peter Wood [mailto:peterw () firstbase co uk] Sent: 17 February 2006 15:06 To: webappsec () securityfocus com Cc: Charles' Subject: Re: FW: Tools comparison and evaluation question (AppScan) We use WebInspect on a daily basis too, and have done so since version 1.0. It's an excellent tool with some excellent (and constantly improving) utilities. Pete At 13:46 17/02/2006 +0000, Xyberpix wrote:
I use WebInspect pretty much ona daily basis, and wouldn't trade it for anything. As far as tools go, it really is a worthwhile addition. xyberpix-----Original Message----- From: Burke, Charles Sent: Friday, February 17, 2006 7:47 AM To: 'Serg Belokamen' Subject: RE: Tools comparison and evaluation question (AppScan) Also, WebInspect is a very good (commercial) tool. It also includes some invaluable utilities (Sql Injector, etc) that are a step above their open source competitors. -----Original Message----- From: Serg Belokamen [serg.belokamen () gmail com] Sent: Friday, February 17, 2006 2:04 AM To: webappsec () securityfocus com Subject: Tools comparison and evaluation question (AppScan) Hi All, I am currently looking at using/evaluating a tool called AppScan (by watchfire.com). So the question is in two parts and ASAP reply would be greatly appreciated. First: Without starting a flame war (hopefully) or marketing campaign (another hopefully) can any one tell me abut their experience with the software, what you find useful about it, what not, any annoyances, missing functionality, etc. Second: Can anyone recommend any simular type of software, preferably open source (although not at all essential), and describe its performance, usability and "usefulness" so to speak using AppScan as a reference point. Thanks, Serg
-------------------------------------------------------------------- Peter Wood FBCS CITP MIEEE MIMIS CISSP Chief of Operations First Base Technologies Office: +44 (0)1273 454525 Mobile: +44 (0)7774 239915 www.fbtechies.co.uk www.white-hats.co.uk ------------------------------------------------------------------------- This List Sponsored by: SpiDynamics ALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulation https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl -------------------------------------------------------------------------- ------------------------------------------------------------------------- This List Sponsored by: SpiDynamics ALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulation https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl --------------------------------------------------------------------------
Current thread:
- RE: Tools comparison and evaluation question (AppScan), (continued)
- RE: Tools comparison and evaluation question (AppScan) Peine,Holger (Feb 17)
- Re: Tools comparison and evaluation question (AppScan) Lucien Fransman (Feb 17)
- Re: Tools comparison and evaluation question (AppScan) Serg B. (Feb 17)
- Re: Tools comparison and evaluation question (AppScan) Lucien Fransman (Feb 17)
- FW: Tools comparison and evaluation question (AppScan) Burke, Charles (Feb 17)
- Re: FW: Tools comparison and evaluation question (AppScan) Serg B. (Feb 17)
- RE: Tools comparison and evaluation question (AppScan) Burke, Charles (Feb 17)
- Re: Tools comparison and evaluation question (AppScan) Ratna Kumar (Feb 17)
- RE: Tools comparison and evaluation question (AppScan) Rui Pereira (WCG) (Feb 17)
- Re: FW: Tools comparison and evaluation question (AppScan) Xyberpix (Feb 17)
- Re: FW: Tools comparison and evaluation question (AppScan) Peter Wood (Feb 17)
- RE: FW: Tools comparison and evaluation question (AppScan) David Munge (Feb 17)
- Re: FW: Tools comparison and evaluation question (AppScan) Peter Wood (Feb 17)
- RE: Tools comparison and evaluation question (AppScan) Xyberpix (Feb 17)
- RE: Tools comparison and evaluation question (AppScan) King, Stuart (REHQ-LON) (Feb 17)
- RE: Tools comparison and evaluation question (AppScan) Talwar, Mansi (Feb 17)
- RE: FW: Tools comparison and evaluation question (AppScan) Brokken, Allen P. (Feb 17)
- RE: FW: Tools comparison and evaluation question (AppScan) Erwin Geirnaert (Feb 17)
- RE: (OWASP Web App Tool Project) Tools comparison and evaluation question (AppScan) arian.evans (Feb 18)
- RE: FW: Tools comparison and evaluation question (AppScan) Joe White (Feb 17)
- RE: FW: Tools comparison and evaluation question (AppScan) arian.evans (Feb 18)
- Re: Tools comparison and evaluation question (AppScan) Tommy (Feb 19)
- RE: FW: Tools comparison and evaluation question (AppScan) arian.evans (Feb 18)
- Re: RE: Tools comparison and evaluation question (AppScan) mr . dan . friedman (Feb 19)
(Thread continues...)
- RE: Tools comparison and evaluation question (AppScan) Peine,Holger (Feb 17)