[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Web application Security Scanner

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Web application Security Scanner
From: Frederic Charpentier <fcharpen@xxxxxxxxxxxxxxxx>
Date: Tue, 14 Jun 2005 11:08:31 +0200

Hi. An efficient program, capable of finding unknown vulnerabilities in web application, does not exist.

Nikto, Ns-stealth are usefull, but they will never do a proper audit.

Paros, Sleuth and Spike are really usefull to find unknown vulnerabilites, but they are not automatic. Someone needs to be in front of the screen to interpret the behaviour of the application.

Fred

tgoogle wrote:

Did you know the best Web app security scanner?

I need scanner, which would find SQL injections, XSS, php include and other bug 
in unknown Web application.

Thanks
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


--
Frederic Charpentier - Xmco Partners
Security Consulting / Pentest
web  : http://www.xmcopartners.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Web application Security Scanner
  - From: tgoogle

Prev by Date: Re: [Full-disclosure] RE: End users as security devices
Next by Date: [Full-disclosure] www.whois.sc
Previous by thread: Re: [Full-disclosure] Web application Security Scanner
Next by thread: RE: [Full-disclosure] Web application Security Scanner
Index(es):
- Date
- Thread