[WEB SECURITY] open source tools is not as good as imaged
lukesun629 at gmail.com
Fri Jun 3 23:18:04 EDT 2011
i recently do some pentest. i used several tools both open source and
commerical tools !
for the commerical ones ,i use appscan & acunetix
for the open source ones skipfish &arachni &w3af
for the free one netsparker community edition
obviously , the open source tools is not stable(w3af), and the three of
them can not scan some fatal vulnerable(such as sql injection) as appscan
can easily discovery.
netsparker is good in both speed and result . but it's community edition has
a lot restriction.
so anyone has a project to help the opensource tools upgrade.
Department of Computer Science
Tsinghua University, Beijing, 100084
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity