Penetration Testing mailing list archives
Re: Tools comparison and evaluation question (AppScan)
From: Petr.Kazil () eap nl
Date: Fri, 17 Feb 2006 19:05:34 +0100
the list of tools I've put together is Commercial Tools ----------------- SPI Webinspect
We have a license for this and it's not cheap. I'm not the guy who uses this tool, but my colleagues do.
From what I've seen over their shoulders:
- it's very powerful and relatively intelligent in interpreting the results it gets from the website (more intelligent than nikto) - it's produced surprising results several times that we wouldn't have found by hand - if you run it full throttle it can crash a weak server - it produces a lot of output that you have to scrutinize by hand - it needs a lot of time to tame, and a lot of time to get used to. But overall we are satisfied. We just renewed the license for another year. I also have the feeling that SPI staff is very approachable. Of course we are curious about your experiences ... ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Tools comparison and evaluation question (AppScan) Serg Belokamen (Feb 17)
- <Possible follow-ups>
- Re: Tools comparison and evaluation question (AppScan) Rory McCune (Feb 17)
- Re: Tools comparison and evaluation question (AppScan) Serg B. (Feb 18)
- RE: Tools comparison and evaluation question (AppScan) Rui Pereira (WCG) (Feb 18)
- Re: Tools comparison and evaluation question (AppScan) Petr . Kazil (Feb 18)
- RE: Tools comparison and evaluation question (AppScan) Darren Webb (Feb 20)