mailing list archives
Re: Testing Application vulnerability tools
From: Romain Gaucher <romain.gaucher () nist gov>
Date: Tue, 20 Feb 2007 14:45:25 -0500
Actually, I understood that he needed a tool for code review.
Then AppScan and Acunetix WVS are not doing this, they are only Back box
tester as far as I know.
So I would say for the crystal box:
- DevInspect from SPI-Dynamics
- Tracer from Fortify
manmohan pv wrote:
I think Appscan or Acunetix are the two tools used to
find the CSS and SQL related issues.
both are commercial tools.
--- WALI <hkhasgiwale () gmail com> wrote:
I have a team of software developers involved in
writing code for HR
management application. They have put the first
module payroll online but
everyday, we get reports of users getting access to
areas they shouldn't.
The software team is involved in continues debugging
Is there a tool I can use to do software code review
I know it's also design issue but there should be a
way I can at least
check the front end (http) interface for common
Now you can have your favourite RSS headlines come to you with the all new Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html
romain.gaucher () nist gov
National Institute of Standards and Technology
SAMATE Project: http://samate.nist.gov