What are your favorite tools for checking for vulnerabilities in websites?
Asked
Active
Viewed 531 times
9 Answers
9
I've used Nessus before. It takes a bit to setup, but has a pretty comprehensive set of tests.
Steven Behnke
- 335
- 2
- 3
-
Nessus went commercial, there's OpenVAS instead. – Anonymous Dec 02 '09 at 11:27
4
nmap is great for giving you the ports that are open and what is running on them
trent
- 3,114
- 19
- 17
1
WebInspect is pretty good, but pricey. It takes a lot of handholding as well, not a lot of automated use.
Bill Weiss
- 10,979
- 3
- 38
- 66
-
Why the -1? I'll take that you don't like it, but at least leave a comment! – Bill Weiss Aug 16 '10 at 19:09
1
- HTTPrint
- Nessus (which, if installed on linux, typically has nmap as a port mapper)
- Qualys
- MetaSploit
- Fiddler
- WireShark
K. Brian Kelley
- 9,034
- 32
- 33
0
Check insecure Dot Org... and web scanner There are lots of great security tools there. Some are open source, other are commercial.. nikto praros proxy web scarab web inspect burpsuit whisker wikto acunetix wvs watchfire appscan n-Stealth
Bit Hammer
- 23
- 5
0
It's not free, but McAfee Secure does an excellent job and provides very detailed reporting.
Justin Scott
- 8,798
- 1
- 28
- 39
0
I suggest you to use a commercial web application security scanner.A list of WASS : http://www.webscanners.net/webscanners/index.html
