Re: Web Application Testers.

From: Kevin Spett (kspett@mediaone.net)
Date: 09/25/01 

Message-ID: <000001c14568$3e26a580$3200000a@spidata>
From: "Kevin Spett" <kspett@mediaone.net>
To: "Dom De Vitto" <Dom@DeVitto.com>, <pen-test@securityfocus.com>, <vuln-dev@securityfocus.com>
Subject: Re: Web Application Testers.
Date: Mon, 24 Sep 2001 17:12:23 -0700

    WebInspect is designed specifically for web application security
assessments. There's a fully-functional evaluation download.
www.spidynamics.com/download.html
    Also check out the "On web application audits" thread on the
www-mobile-code list from this week. Norman Cook's post goes into detail on
tools.
http://www.securityfocus.com/cgi-bin/archive.pl?id=107&mid=215692&start=2001
-09-21&end=2001-09-27

    Kevin.

----- Original Message -----
From: "Dom De Vitto" <Dom@DeVitto.com>
To: <pen-test@securityfocus.com>; <vuln-dev@securityfocus.com>
Sent: Monday, September 24, 2001 7:17 AM
Subject: Web Application Testers.

> I've just been reading about Sanctum's AppScan, which appears to be on the
> right track, but I've nothing to compare it to...
>
> Any advice/experience.
>
> FYI, AppScan breaks/subverts web applications - there are plenty of tools
> to break web servers (apache/IIS), but it looks like appscan is on it's
own
> on the test-the-bespoke-web-app front.
>
> Thanks all, in advance,
> Dom
>
>
>
> -------------------------------------------------------------------------- 

--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/
>
>

Relevant Pages

  • RE: SQL
    ... Subject: SQL ... >> This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... >This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Insurance
    ... property--data beign deemed "intangible" for the purposes of insurance. ... for physical security testing there are often 3rd parties ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Pen-Testing Lotus Notes/Domino
    ... Subject: Pen-Testing Lotus Notes/Domino ... of document security. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • R: Pen-Testing help (Compaq Insight & htsearch)
    ... This web server happens to be in front of their ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: Application & Iplanet/Apache web server vulnerability and penetration testing
    ... I don't know what to do on the web servers other than delete example ... Any suggestions on iPlanet and Apache security? ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)