Educause Security Discussion
mailing list archives
Re: Web App Scan tool
From: "Bradley, Stephen W. Mr." <bradlesw () MUOHIO EDU>
Date: Wed, 26 Nov 2008 11:34:44 -0500
We have been happy with HP's WebInspect.
It however is not what you would call inexpensive.
Stephen W. Bradley GCIH CISSP SSCP
Network Security Specialist
Computing & Communication Services
bradlesw () muohio edu<mailto:bradlesw () muohio edu>
"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
Benjamin Franklin, Historical Review of Pennsylvania, 1759
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of
Sent: Wednesday, November 26, 2008 11:23 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Web App Scan tool
You might want to take a look at the Web Vulnerability Scanner product from Acunetix. It looks to have some very good
features, and at the same time, is reasonably priced.
IT Security Administrator
Information Technology Services
University of the Fraser Valley
33844 King Road
Abbotsford, BC V2S 7M8
Christopher.Jones () ufv ca<mailto:Christopher.Jones () ufv ca>
Mark Monroe <markm196 () NETSCAPE NET> 11/21/2008 2:10 PM >>>
I need to test some web apps. I am not fantastic at this. I am looking
for a tool to help and due to a total lack of funds right now I cannot
buy anything. I need to check for the usual things like x site scripting
and sql injection and one of the apps generates a token and passes it on
to another site and I need to make sure that can not be "messed" with too.