WebApp Sec mailing list archives

Re: RE: AJAX and Web application scanners

From: rajeshdilli () yahoo com
Date: 28 Mar 2006 19:11:41 -0000

Thanks Hansen for agreeing my view. And also you had brought out another topic "differences in automated crawling vs 
manual browsing" for using the scan options. I myself carried out this experiment a few days back with some of these 
tools and definitely had experienced a big difference in the results. I wonder why none of these tools(vendors) don't 
specify this as a best practice. May be it's a "to-do" exercise left to the buyers of these tools.

Thanks
Rajesh

-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics

ALERT: "How A Hacker Launches A Web Application Attack!" 
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world 
examples of recent hacking methods such as: SQL Injection, Cross Site 
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------

Current thread:

AJAX and Web application scanners rajeshdilli (Mar 27)
- RE: AJAX and Web application scanners Tate Hansen (Mar 28)
- Re: AJAX and Web application scanners Rogan Dawes (Mar 28)
- <Possible follow-ups>
- RE: AJAX and Web application scanners thomas.jones (Mar 28)
- RE: AJAX and Web application scanners Evans, Arian (Mar 28)
- Re: RE: AJAX and Web application scanners rajeshdilli (Mar 28)
- RE: AJAX and Web application scanners Jeff Robertson (Mar 29)
  - Re: AJAX and Web application scanners Andrew van der Stock (Mar 29)