RE: Web Application Tester
chuan.delahosseraye_at_accenture.com
Date: 09/15/04
- Previous message: Martin Mačok: "Re: Strange response from network"
- Maybe in reply to: Andrew Bagrin: "Web Application Tester"
- Next in thread: A.R.: "RE: Web Application Tester"
- Reply: A.R.: "RE: Web Application Tester"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 15 Sep 2004 17:27:51 +0200 To: <r00t@northernfortress.net>, <andrew@beegads.com>
According to my previous search on a Web pen-test tools, AppScan,
WebInspect and Scando are all much more expensive than AppDetective. If
cost is a concern, it might be possible to combine a selection of free
tools such as:
- Nessus
- Nikto
- WebScarab
- Achilles
But this would involve a lot of Manual works.
Hope this helps
Chuan
-----Original Message-----
From: A.R. [mailto:r00t@northernfortress.net]
Sent: 15 September 2004 12:27
To: andrew@beegads.com
Cc: pen-test@securityfocus.com
Subject: Re: Web Application Tester
Andrew,
I don't know what's your budget, but for web applications you can try
the following commercial products:
- AppScan, by Sanctum (www.sanctuminc.com)
- WebInspect, by Spidynamics (www.spidynamics.com)
- ScanDo, by Kavado (www.kavado.com)
...Or the good ol' Paros (http://www.proofsecure.com/download.shtml),
open source and free
Hope this helps
Alberto Revelli
Northern Fortress, Inc.
On Tue, 2004-09-14 at 22:49, Andrew Bagrin wrote:
> Does anyone know of an application tester similar to AppDetective
> thats not as hard on the pocket book?
> I need to pentest a web app and am looking for some tools
>
> Thanks,
--
"Give me a woman who loves beer and I will conquer the world."
-- Kaiser Wilhelm II
------------------------------------------------------------------------
------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one
interaction
with one of our expert instructors. Check out our Advanced Hacking
course,
learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
-------
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
- Previous message: Martin Mačok: "Re: Strange response from network"
- Maybe in reply to: Andrew Bagrin: "Web Application Tester"
- Next in thread: A.R.: "RE: Web Application Tester"
- Reply: A.R.: "RE: Web Application Tester"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
