WebApp Sec mailing list archives

Re: Searching for the tool

From: "Kevin Spett" <kspett () spidynamics com>
Date: Mon, 14 Apr 2003 13:26:32 -0400

If you're interested in a commercial solution, WebInspect
(http://www.spidynamics.com/download.html) meets all of your requirements
and actually does more than you're looking for, like scanning for known
vulnerabilities and other types of application issues.  If you're looking
for the free/open-source route, you can work with Achilles, WebProxy,
Exodus, SPIKE, etc for app testing and nikto, nessus or whisker for known
issues.


Kevin Spett
SPI Labs
http://www.spidynamics.com/

----- Original Message -----
From: <ihanuska () mybox cz>
To: <webappsec () securityfocus com>
Sent: Monday, April 14, 2003 3:03 AM
Subject: Searching for the tool


Hallo everyone,

I am searching for the tool to test someone else's web application. Tool
should be able to work under NT/2000/XP client.

My intention is to test some SQL/script injections etc. I need something
where I can see raw html stream coming in and coming out of my web browser.
So I am searching something that will fit between NT TCP/IP stack and web
browser, or it will have own browser.

The tool has to be able to access also https sites.

Thank you for any advice!

Ivo Hanuska


-----
Zúčastněte se průzkumu o paušálech na dial-up Internet a ADSL pořádaný
projektem Internet pro všechny http://www.internetprovsechny.cz/demand.php .

Current thread:

Searching for the tool ihanuska (Apr 14)
- RE: Searching for the tool owasp (Apr 14)
- Re: Searching for the tool Dave Aitel (Apr 14)
  - Re: Searching for the tool Stephen de Vries (Apr 15)
- Re: Searching for the tool Kevin Spett (Apr 14)
- <Possible follow-ups>
- RE: Searching for the tool Dawes, Rogan (ZA - Johannesburg) (Apr 14)