Educause Security Discussion
mailing list archives
Re: Web App Scan tool
From: "Dawson,Scottie" <scottie.Dawson () COLOSTATE EDU>
Date: Wed, 26 Nov 2008 10:16:21 -0700
I recently downloaded and started using Samurai Web Testing Framework. Its
an Ubuntu based LiveCD so its easy to install on a machine if you like to
tools enough. It has a wide selection of web application hacking/testing
tools that are open source that will do pretty much anything you want to do.
The downside is that you have to read some and combine some of the tools to
get the best results. The upside its free and the cd is set up so that the
tools just work.
ACNS Colorado State University
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mark Monroe
Sent: Friday, November 21, 2008 3:10 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Web App Scan tool
I need to test some web apps. I am not fantastic at this. I am looking
for a tool to help and due to a total lack of funds right now I cannot
buy anything. I need to check for the usual things like x site scripting
and sql injection and one of the apps generates a token and passes it on
to another site and I need to make sure that can not be "messed" with too.