[Owasp-austin] Web Application Security Scanners

Josh Sokol josh.sokol at ni.com
Fri Oct 3 12:36:35 EDT 2008


David,

Check out w3af (Web Application Attack and Audit Framework).  It was 
presented on at the OWASP AppSec NYC 2008 conference and I thought it was 
awesome.  It incorporates all of your typical Watchfire AppScan/Cenzic/SPI 
type of scanning with some very cool plugin features and even has exploit 
functionality similar to that of CoreImpact.  And it's an OWASP project!

Sincerely,

Josh Sokol (CCNA, GWAS)
Web Systems Engineer
National Instruments



David Hughes <dhughes at indepthsec.com> 
Sent by: owasp-austin-bounces at lists.owasp.org
10/03/2008 10:22 AM

To
owasp-austin <owasp-austin at lists.owasp.org>
cc

Subject
[Owasp-austin] Web Application Security Scanners






All,

While I've had experience with vulnerability scanners (Core, Nessus, etc) 
I've never really looked into what's out there with regards to vuln 
scanners that focus on Web Application Vulnerability scanning.  I'm trying 
to compile a list of security tools that are "out there" and was wondering 
what you all know about/use/recommend.  I have a pretty full list of other 
tools, but my web app section is pretty lean. Any thoughts? Could be open 
source, commercial, etc. 

Thanks

David H. 


-- 
David Hughes, CISSP,MCSA,MCSE
In-Depth Security
823 Congress Avenue, #1510
Austin, TX  78701
office:512.394.3754
mobile: 512.623.9550
www.indepthsec.com


_______________________________________________
Owasp-austin mailing list
Owasp-austin at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-austin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-austin/attachments/20081003/0d1bca87/attachment.html 


More information about the Owasp-austin mailing list