Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: OWASP Top 10 penetration testing software?
From: webcat <matthew.mckinzie () lewin com>
Date: Tue, 28 Feb 2012 12:32:29 -0800 (PST)


Hani, 

Thank you very much.  I will take a closer look at w3af

Matthew


Hani Benhabiles wrote:

On 02/28/2012 08:35 PM, webcat wrote:
Hi, for one of my websites, I have been required to use a web application
scanner that tests against the OWASP Top Ten threats. I'm looking for a
scanner that does this that is inexpensive or free.

Possible scanners I've found for this include the OWASP Zed Attach Proxy
Project, Sonar, and w3af, but none of these explicitly tests against the
OWASP Top Ten threats (at least not that I can tell).

Does anyone know of a scanner that does test against the OWASP Top Ten
threats? Thank you!
Hi,

w3af has an OWASP TOP 10 scanning profile but I can't tell how good it is.

Cheers,
Hani.

-- 
M. Hani Benhabiles
OWASP Algeria Student Chapter: Founder/President.
http://www.owaspalgeriasc.org
https://www.owasp.org/index.php/Algeria_Student_Chapter
Email: hani.benhabiles () owasp org

Twitter: https://twitter.com/#!/kroosec
Blog: http://kroosec.blogspot.com


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require a
full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------




-- 
View this message in context: http://old.nabble.com/OWASP-Top-10-penetration-testing-software--tp33409197p33409541.html
Sent from the Penetration Testing mailing list archive at Nabble.com.


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]