[WEB SECURITY] best tool for web app scanning / pen testing

Phil Gmail phil at safewalls.net
Tue Mar 5 21:46:05 EST 2013


Id recommend Burp Pro, but it is not an automated tool. Www.burpsuite.com

Phil
Sent from iPhone
Twitter: @sec_prof

On Mar 5, 2013, at 17:53, Zippy Zeppoli <zippyzeppoli at gmail.com> wrote:

> Hello,
> I am looking for a solution to do web application vulnerability
> scanning / testing.
> IBM's rational appscan seems like a good solution, and I've used it in the past.
> The only problem seems to be the IBM part. I'm trying to engage them
> for a trial license that doesn't only scan some useless webgoat, and
> test it on my own app.
> 
> I'm getting kind of dismayed with the responsiveness, so I'm wondering
> if there are better *commercial* solutions out there which are ready
> to go out of the box.
> I'd love to use open source tools, but I don't have the time to do the
> engineering part since I'm overburdened.
> 
> Thanks for your tips.
> 
> Z
> 
> _______________________________________________
> The Web Security Mailing List
> 
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
> 
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> 
> WASC on Twitter
> http://twitter.com/wascupdates
> 
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org




More information about the websecurity mailing list