RE: Opinions on Burp Suite Web App Scanner

---

• From: "Ben de Bont" <bendebont@xxxxxxxxx>
• Date: Wed, 12 Oct 2011 09:41:18 -0700

---

BurpSuite is my pen-test teams tool of choice. The spider and scanner are
great, and it has a lot of other functionality that is very useful. It is
also cheap - get it.

- Ben de Bont

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of Derrenbacker, L. Jonathan
Sent: Wednesday, October 12, 2011 8:31 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Opinions on Burp Suite Web App Scanner

I have budget for a web app vulnerability scanner, and I was wondering if
anyone has opinions on the professional version Burp Suite with the scanner
option.
Is the scanner any good? Accurate?

This is the website if anyone doesn't know what it is:
http://portswigger.net/burp/scanner.html



Thanks,
Jon

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually
do a proper penetration test. IACRB CPT and CEPT certs require a full
practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

---

• Follow-Ups:
  • Re: Opinions on Burp Suite Web App Scanner
    • From: Meenal Mukadam

• References:
  • Nmap
    • From: Ukpong
  • Re: Nmap
    • From: Jeffory Atkinson
  • Re: Nmap
    • From: John M. Martinelli
  • Opinions on Burp Suite Web App Scanner
    • From: Derrenbacker, L. Jonathan

• Prev by Date: Re: Opinions on Burp Suite Web App Scanner
• Next by Date: Re: CEHv7
• Previous by thread: Re: Opinions on Burp Suite Web App Scanner
• Next by thread: Re: Opinions on Burp Suite Web App Scanner
• Index(es):
  • Date
  • Thread

---

Relevant Pages web application scanner question ... scanner. ... test HTML, HTTP headers, script and very basic SSL problems ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ... (Pen-Test) Re: out of box scanner ... If you are looking for best web application tool involving manual and automated techniques, Burp rules the web app pen testing today. ... I would highly suggest taking a look at the scanner list here: ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ... (Pen-Test) Re: Opinions on Burp Suite Web App Scanner ... Burp is meant to be a helping hand to the pentester, ... Opinions on Burp Suite Web App Scanner ... Information Assurance Certification Review Board ... (Pen-Test) Re: Opinions on Burp Suite Web App Scanner ... Opinions on Burp Suite Web App Scanner ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ... (Pen-Test) Re: out of box scanner ... I would highly suggest taking a look at the scanner list here: ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ... (Pen-Test)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2011-10