Penetration Testing mailing list archives
Re: Opinions of automated testers
From: Joey Peloquin <joeyp () cotse net>
Date: Thu, 10 May 2007 08:53:43 -0500
Benny Tsai wrote:
Another option is setting up WebGoat as a pen-test playground: http://www.owasp.org/index.php/OWASP_WebGoat_Project -Benny
Webgoat is absolutely terrible for evaluating automated scanners. It's intended as a training tool, not an evaluation platform (for now, at least). If you rely on it alone, you won't be happy with any scanner on the market. Other than SPI and Cenzic's test sites, I'd take the advice of our other peers that have recommended the Hacme* line of test apps. If you're savvy, you could also try to get your own running with the OWASP SiteGenerator [http://www.owasp.org/index.php/Owasp_SiteGenerator]. Good luck! -jp ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Opinions of automated testers zackpeters75 (May 07)
- RE: Opinions of automated testers Erin Carroll (May 07)
- RE: Opinions of automated testers M. Groen (May 09)
- RE: Opinions of automated testers Erin Carroll (May 09)
- Re: Opinions of automated testers Joern Ahrens (May 10)
- RE: Opinions of automated testers John Reno (May 09)
- Re: Opinions of automated testers Lee Lawson (May 10)
- RE: Opinions of automated testers M. Groen (May 09)
- RE: Opinions of automated testers Kevin Reiter (May 09)
- Re: Opinions of automated testers Benny Tsai (May 09)
- Re: Opinions of automated testers Joey Peloquin (May 10)
- RE: Opinions of automated testers Erin Carroll (May 07)
- RE: Opinions of automated testers Vishal Garg (May 10)
- Re: Opinions of automated testers rajat swarup (May 15)
- Re: Opinions of automated testers Lee Lawson (May 08)