[WEB SECURITY] best tool for web app scanning / pen testing

Zippy Zeppoli zippyzeppoli at gmail.com
Tue Mar 5 20:53:43 EST 2013


Hello,
I am looking for a solution to do web application vulnerability
scanning / testing.
IBM's rational appscan seems like a good solution, and I've used it in the past.
The only problem seems to be the IBM part. I'm trying to engage them
for a trial license that doesn't only scan some useless webgoat, and
test it on my own app.

I'm getting kind of dismayed with the responsiveness, so I'm wondering
if there are better *commercial* solutions out there which are ready
to go out of the box.
I'd love to use open source tools, but I don't have the time to do the
engineering part since I'm overburdened.

Thanks for your tips.

Z




More information about the websecurity mailing list