lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <42AE9E8F.8010406@xmcopartners.com>
Date: Tue Jun 14 10:08:39 2005
From: fcharpen at xmcopartners.com (Frederic Charpentier)
Subject: Web application Security Scanner

Hi.
An efficient program, capable of finding unknown vulnerabilities in web 
application, does not exist.

Nikto, Ns-stealth are usefull, but they will never do a proper audit.

Paros, Sleuth and Spike are really usefull to find unknown 
vulnerabilites, but they are not automatic. Someone needs to be in front 
of the screen to interpret the behaviour of the application.

Fred

tgoogle wrote:
> Did you know the best Web app security scanner?
> 
> I need scanner, which would find SQL injections, XSS, php include and other bug in unknown Web application.
> 
> Thanks
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

-- 
Frederic Charpentier - Xmco Partners
Security Consulting / Pentest
web  : http://www.xmcopartners.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ