Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Opinions on Burp Suite Web App Scanner
From: Meenal Mukadam <meenal.mukadam () gmail com>
Date: Tue, 18 Oct 2011 23:15:57 -0600

Dear Jon,

Webscarab was my #1 but after using Burp I had to hand over the #1
title to Burp Suite. Many 'on-the-fly' options for testing makes it a
pentesters best friend. You can also refer to this article if you want
more information about different scanners and their accuracy:
http://ha.ckers.org/blog/20100203/accuracy-and-time-costs-of-web-application-security-scanner-report/

Regards,
Meenal Mukadam


On Wed, Oct 12, 2011 at 10:41 AM, Ben de Bont <bendebont () gmail com> wrote:

BurpSuite is my pen-test teams tool of choice.  The spider and scanner are
great, and it has a lot of other functionality that is very useful.  It is
also cheap - get it.

- Ben de Bont

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Derrenbacker, L. Jonathan
Sent: Wednesday, October 12, 2011 8:31 AM
To: pen-test () securityfocus com
Subject: Opinions on Burp Suite Web App Scanner

I have budget for a web app vulnerability scanner, and I was wondering if
anyone has opinions on the professional version Burp Suite with the scanner
option.
Is the scanner any good? Accurate?

This is the website if anyone doesn't know what it is:
http://portswigger.net/burp/scanner.html



Thanks,
Jon

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually
do a proper penetration test. IACRB CPT and CEPT certs require a full
practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]