Comparison & Assessment of 43 Free & Open Source Black Box Web Application Vulnerability Scanners
Introduction
I’ve been collecting them for years, trying to get my hands on anything that was released within the genre. It started as a necessity, transformed into a hobby, and eventually turned into a relatively huge collection… But that’s when the problems started.
While back in 2005 I could barely find freeware web application scanners, by 2008 I had SO MANY of them that I couldn’t decide which ones to use. By 2010 the collection became so big that I came to the realization that I HAVE to choose.
I started searching for benchmarks in the field, but at the time, only located benchmarks the focused on comparing commercial web application scanners (with the exception of one benchmark that also covered 3 open source web application scanners), leaving the freeware & open source scanners in an uncharted territory
The benchmark information and various reports: http://sectooladdict.blogspot.com/
The framework for assessing vulnerability scanners was implanted in JEE, and is hosted in the following address: http://code.google.com
Volut-ID | World News Articles
All news of interest and can provide an info for you, and so can assist in the search for new news.
About news gadgets, mobile phones
info about the latest mobile phone, from news, features, and the most mobile phone models in search of the world.
Web Application Scanners Accuracy Assessment
Related Post
Papers
- Securing The Kernel via Static Binary Rewriting and Program Shepherding
- Securing The Kernel via Static Binary Rewriting and Program Shepherding
- 2011 Data Breach Investigations Report
- 2011 Data Breach Investigations Report
- Mozilla Firefox Internals & Attack Strategies
- Mozilla Firefox Internals & Attack Strategies
- Web application vulnerabilities in context of browser extensions
- Web application vulnerabilities in context of browser extensions
- PHP LFI to arbitratry code execution via rfc1867 file upload temporary files
- PHP LFI to arbitratry code execution via rfc1867 file upload temporary files
- Credit Card skimming and PIN harvesting in an EMV world
- Credit Card skimming and PIN harvesting in an EMV world
- Exposing the Lack of Privacy in File Hosting Services
- Exposing the Lack of Privacy in File Hosting Services
- Botnets: Measurement, Detection, Disinfection and Defence
- Botnets: Measurement, Detection, Disinfection and Defence
- Leaking browsing history via user interaction and side channel attacks
- Leaking browsing history via user interaction and side channel attacks
- HTTP Geolocation
- HTTP Geolocation
- HITB Magazine Issue 005 released
- HITB Magazine Issue 005 released
- Symantec Report on Attack Kits and Malicious Websites
- Symantec Report on Attack Kits and Malicious Websites
- Trustwave's Global Security Report 2011: Web Application Risks
Tools
- The Social-Engineer Toolkit (SET) v1.4 released
- Metasploit Framework v.3.7.1 Released
- Sandcat v.4.2.2 Free Edition Released
- Safe3 Sql Injector v.8.1 released
- Online VNC , SSH and Remote Desktop Scanner
- Online VNC , SSH and Remote Desktop Scanner
- SWFRETools v.1.1.0 Released
- SWFRETools v.1.1.0 Released
- Metasploit Framework v.3.7.0 Released
- Metasploit Framework v.3.7.0 Released
- PacketFence v.2.2 Released
- PacketFence v.2.2 Released
- Fastest Online SQL Injection Dumper
- Fastest Online SQL Injection Dumper
- Updates: ZoomIt v4.2, Process Explorer v14.11, ProcDump v3.04, and Mark Live: Zero Day Malware Cleaning with the Sysinternals Tools
- Updates: ZoomIt v4.2, Process Explorer v14.11, ProcDump v3.04, and Mark Live: Zero Day Malware Cleaning with the Sysinternals Tools
- ArpON updated to v.2.2
- ArpON updated to v.2.2
- AntiXSS v.4.0 Released
- AntiXSS v.4.0 Released
- THC-Hydra v6.3 Released
- THC-Hydra v6.3 Released
- OWASP ZAP Web Application Vulnerability Examples v0.2
- OWASP ZAP Web Application Vulnerability Examples v0.2
- DarkComet-RAT v.3.3 Released
security
- Securing The Kernel via Static Binary Rewriting and Program Shepherding
- Securing The Kernel via Static Binary Rewriting and Program Shepherding
- PacketFence v.2.2 Released
- PacketFence v.2.2 Released
- Updates: ZoomIt v4.2, Process Explorer v14.11, ProcDump v3.04, and Mark Live: Zero Day Malware Cleaning with the Sysinternals Tools
- Updates: ZoomIt v4.2, Process Explorer v14.11, ProcDump v3.04, and Mark Live: Zero Day Malware Cleaning with the Sysinternals Tools
- AntiXSS v.4.0 Released
- AntiXSS v.4.0 Released
- ESET NOD32 Antivirus comes to Linux
- Nmap, scans your computer ports
- YARA v.1.5 released
- YARA v.1.5 released
- Preventing XSS Attacks
- Preventing XSS Attacks
- Credit Card skimming and PIN harvesting in an EMV world
- Credit Card skimming and PIN harvesting in an EMV world
- Book - Configuring IPCop Firewalls
- Tip: Solution to Bug in Flash on YouTube
- How To install ESET NOD32 Antivirus 4 for Linux
- OWASP AntiSamy v.1.4.4 Released
- OWASP AntiSamy v.1.4.4 Released
- About 40 security problems discovered in the kernel of Ubuntu 10.04 LTS
- Comitari : Web Protection Suite
- Comitari : Web Protection Suite
- The Open Source Pentest Bookmarks Collection
No response to “Web Application Scanners Accuracy Assessment”
Leave a reply