RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?
From: Erik Anderson (eanders_at_midco.net)
Date: 09/23/03
- Previous message: Harbar, Spencer: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- In reply to: Harbar, Spencer: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Next in thread: Oscar Kooijman: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Reply: Oscar Kooijman: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Harbar, Spencer" <spencer.harbar@dns.co.uk>, "Milind Nanal" <milindyn@rolta.com>, <focus-ms@securityfocus.com> Date: Tue, 23 Sep 2003 13:02:48 -0500
If you have a Linux system try Nessus. It is the best open source/free
Vulnerability Scanner out there.
Erik
> -----Original Message-----
> From: Harbar, Spencer [mailto:spencer.harbar@dns.co.uk]
> Sent: Tuesday, September 23, 2003 10:17 AM
> To: Milind Nanal; focus-ms@securityfocus.com
> Subject: RE: Vulnerability scanner for SQL injection, HTML injection-
> free or commercial ?
>
>
>
> Check out ScanDo from www.kavado.com, WebInspect from
> www.spidynamics.com and AppScan from www.sanctum.com
>
> hth
> Spence
>
>
> -----Original Message-----
> From: Milind Nanal [mailto:milindyn@rolta.com]
> Sent: 19 September 2003 06:31
> To: focus-ms@securityfocus.com
> Subject: Vulnerability scanner for SQL injection, HTML injection- free
> or commercial ?
>
> Hi,
>
> Can anyone please tell me information about any vulnerability scanner
> (free or trial version of commercial scanner) which can scan SQL
> injection , HTML injection of IIS web server running with MS sql 2000 as
> a backend database.
>
> I get many document on the internet which tell me few default techniques
> of SQL injection & trying out those to carry out SQL injection test. I
> am looking out for ready made scanner which has a set of inbuilt
> commands to carry out SQL , HTML injection attack & give a report ,
> recommendations to solve the problem.
>
> Quick response is appreciated
>
> Regards,
>
> Milind
>
> ------------------------------------------------------------------------
> ---
> ------------------------------------------------------------------------
> ---
>
>
>
>
>
> ------------------------------------------------------------------
> ---------------------------
> This e-mail was checked and validated by the dns email content
> management service.
>
> For information on how to improve email management for your
> organisation, please contact sales@dns.co.uk
> ------------------------------------------------------------------
> ---------------------------
>
>
>
>
>
> ------------------------------------------------------------------
> ---------
> ------------------------------------------------------------------
> ---------
>
>
>
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Harbar, Spencer: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- In reply to: Harbar, Spencer: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Next in thread: Oscar Kooijman: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Reply: Oscar Kooijman: "RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
