WebApp Sec mailing list archives
RE: Web Application Analysis Tools?
From: "Lars Troen" <Lars.Troen () proxycom no>
Date: Thu, 12 Dec 2002 19:29:43 +0100
David, For an automatic scan of your site you could try SpikeProxy. For a manual audit you whould use WebScarab. Spikeproxy is available for *nix and win32 and can be found here: http://www.immunitysec.com/spikeproxy.html WebScarab is win32 only and can be found here: http://sourceforge.net/projects/owasp/ Lars
-----Original Message----- From: David Simcik [mailto:dave () simcik com] Sent: Thursday, December 12, 2002 18:50 To: Webappsec Subject: Web Application Analysis Tools? Where I work, we've (read: I) have spent a considerable amount of time focusing in on locking-down our sites/servers on the system level, from say, IIS down, through a variety of ways. I should point out that we're a small web development shop in academia. I'd now like to focus on our web application source now as well. Are there any analysis/auditing tools out there (especially free/inexpensive ones) that will help with this? I suspect there aren't any "one size fits all" type solutions out there for this, but I have to try. Thanks! David
Current thread:
- RE: Web Application Analysis Tools? Lars Troen (Dec 12)
- <Possible follow-ups>
- Web Application Analysis Tools? David Simcik (Dec 12)
- Re: Web Application Analysis Tools? Kevin Spett (Dec 12)
- Re: Web Application Analysis Tools? Jeff Williams @ Aspect (Dec 12)
- Re: Web Application Analysis Tools? Kevin Spett (Dec 12)
- Re: Web Application Analysis Tools? Martin Eiszner (Dec 12)
- Re: Web Application Analysis Tools? Kevin Spett (Dec 12)