Re: Web Application Testing

["Fabio Cerullo" <fcerullo () gmail com>]

Thank you very much for the feedback. It is really much appreciated.

I will go after Chris suggestion (SpyDynamics) if budget allows it.

Mesut, have you tried Acunetix Vulnerability Scanner?

Thanks again,

Fabio

On 5/8/07, Chris Barber <cmbarber () gmail com> wrote:
> SpyDynamics has a package that does just what you described.  I have
> used it in the past and it works great.  Infact, I used it on a COTS
> package that my company was thinking about using and we found a huge
> flaw in the way it handled userids passwords.  We notified the
> publisher and they were non-believers until we demoed the flaw to them
> in person.  They fixed the problem imediately, and we eventually did
> buy the package, after a retest with SpyDynamics' tool.
>
> Chris.
>
> On 5/8/07, Fabio Cerullo <fcerullo () gmail com> wrote:
> > Hello all,
> >
> > is there any guide/tool which could help someone to do a web
> > application security assessment?
> >
> > I mean... an automated tool that you could fire against the app. and
> > will give you a report or some kind of checklist to go through in
> > order to reinforce security.
> >
> > I remember from old days to have used Webtrends but i don't know if
> > there is something new in the market.
> >
> > Any help will be really appreciated.
> >
> > Thank you very much.
> >
> > Fabio
> >