websecurity@lists.webappsec.org

The Web Security Mailing List

Re: [WEB SECURITY] which is the best web application vulnerability scanner

Tasos Laskos
Thu, May 5, 2011 10:45 PM

I think that we've confused you instead of helping you.
Long story short, from that list and using those requirements Arachni is
the one you want.

Very fast[1], easy to use[2], covers the OWASP Top 10[3] and can
generate HTML, XML, TXT reports[4].

[1] Asynchronous requests yield great performance.
[2] arachni http://www.mysite.com --report=html
[3] And many more.
[4] At the end of each scan the results will also be saved in an Arachni
Framework Report file (.afr)
so that you can generate more reports without having to rescan.

On 05/04/2011 04:15 PM, 孙松柏 wrote:

I want to find a good scanner that can find the OWASP Top Ten
vulnerabilities and maybe more. Also, I want it to have a good report system.

On Wed, May 4, 2011 at 3:46 AM, Tasos Laskos <tasos.laskos@gmail.com> wrote:

 It didn't occur to me before but I think you're asking the wrong
 question.
 You're working backwards...you first need to figure out *what* you
 want to do and then find a scanner that does those things *well*.

 So...what are you looking for?


 On 05/03/2011 03:22 AM, 孙松柏 wrote:

     Which is the best web application vulnerability scanner among
     the free software like
     Arachni
     JBrofuzz
     Webshag
     Websecurify
     Zero Day Scan
     Nikto
     Wapiti
     W3AF
     Skipfish
     Grendel-Scan
     Grabber
     Arachni
     wikto
     Maybe something more, and support for server-client mode.

     FIT1-213
     Department of Computer Science
     Tsinghua University, Beijing, 100084
     http://about.me/anakin/bio


     _______________________________________________
     The Web Security Mailing List

     WebSecurity RSS Feed
     http://www.webappsec.org/rss/websecurity.rss

     Join WASC on LinkedIn
     http://www.linkedin.com/e/gis/83336/4B20E4374DBA

     WASC on Twitter
     http://twitter.com/wascupdates

     websecurity@lists.webappsec.org
     http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

--
FIT1-213
Department of Computer Science
Tsinghua University, Beijing, 100084
http://about.me/anakin/bio
