Wednesday, March 18, 2009

Open Source (or free) Web Application Vulnerability scanners

We're experiencing some issues with our web scanning tool; it seems to be dying on some types of applications. Either that, or it will finish the scan, but not generate the reports. So, a co-worker and I are looking at some Open Source or Free web application vulnerability scanners. If anyone has comments on any of the products, I'd be interested in hearing them.

  • Wikto
  • Acunetix
  • N-Stalker - it looks like the free version has a limited number of checks and will only scan 100 pages within the target application.
  • Sandcat - it appears that the professional edition includes session resume support, full vulnerability information, report generator, and auto updates.

I wanted to mention Jeremiah's post where he mentions two reviews on App scanners.
