Re: Vuln Scanner for Web App Source Code

Acunetix Web Vulnerability Scanner will somewhat do this- it will attempt to manipulate various variables it detects in the pages you're scanning, then point out which variables in your souce are susceptible to unsanitized input, cross site scripting, ect.

That said, if you have the time doing this manually is the superior method. :)


On Sun, 18 May 2008, cnanne@xxxxxxxxx wrote:

This might be a bit of a dumb question, but does anyone know of a good Vulnerability Scanner for finding faults in the actual Source Code of the Web App? Or can this task can only be done by hand?

Any feedback on this is highly appreciative