[OWASP-Bangalore] Suggestion for a good Web security scanner

Shyam Hirurkar shyamsecurityceh at gmail.com
Fri Feb 4 02:27:35 EST 2011


Hi,

Try Netsparker OR Nstalker.. I found both are good.. Netsparker has
extensive pen test built in so use it very cautiously on production..

Let me know any other good tool apart from these even i am also evaluating..
I am looking at somthing URL injection should also detect..

Because now a days i am coming across lot of URL injection on the cached
pages..If any one has idea how to check this kind of attack that would be
very helpful also how to mitigate or take care if affected sites. I am new
to this...

Thanks in advance..

OSCAR

On Wed, Feb 2, 2011 at 11:08 PM, Rajagopal Natarajan
<rajagopal.n at gmail.com>wrote:

> Hi Fellow OWASPers,
>
> I've been trying to evaluate tools that would help me find XSS and other
> security loopholes on a given site.
>
> Scanmus is one that is not available to anyone outside of Yahoo!
> Acunetix is another that I found.
> Burpsuite Professional doesn't let users trial the software before buying
> it.
> It is difficult to evaluate these software without getting hold of a copy.
>
> Any suggestions or pointers from your experiences would be highly
> appreciated
>
> PS: Excuse me about cross posting to bangalore and chennai lists, incase
> there are people subscribed to both.
>
> Thanks,
> Rajagopal
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20110204/b03f3f61/attachment.html 


More information about the OWASP-Bangalore mailing list