Dynamic application security testing: Difference between revisions

NEUrOO (talk | contribs)
No edit summary
NEUrOO (talk | contribs)
No edit summary
Line 3:
Web Application Security Scanners (or Web Application Vulnerability Scanners) are tools designed to automatically scan web applications for vulnerabilities.
These tools work as black-box analyzer; meaning that, unlike Source Code Scanners, they don't access the source code and then, need to detect the vulnerabilities by performing attacks.
 
 
== Some Instances ==
 
=== Commercial tools ===
* [http://www.acunetix.com Acunetix WVS] by Acunetix
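Review bot: The second sentence of the introduction has a number disagreement ("These tools work as black-box analyzer") and a misplaced "and then," that obscures the causal link between having no source access and detecting by attack. Suggested wording: "These tools work as black-box analyzers: unlike Source Code Scanners, they do not access the source code, so they need to detect vulnerabilities by performing attacks." Separately, the two consecutive blank lines before "== Some Instances ==" and the blank line after it can be reduced to one blank line before the heading.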
Line 24:
* [http://wapiti.sourceforge.net Wapiti] by Nicolas Surribas
* [http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project WebScarab] by Rogan Dawes of Aspect Security (OWASP Project)
 
= Web Application Vulnerabilities Scanner projects =
* The [http://webappsec.org WASC] is starting a Web Application Security Scanner Evaluation Criteria (WASSEC) project
* The NIST is also running a Web Application Secuity Scanner Evaluation project in the [http://samate.nist.gov SAMATE] project
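Review bot: The heading "= Web Application Vulnerabilities Scanner projects =" is level 1, while the other sections in this revision use "==" and "===", so it will render at page-title level; it should be "== Web Application Vulnerabilities Scanner projects ==". In the NIST bullet, "Secuity" should be "Security", and "project in the SAMATE project" repeats itself; "as part of the [http://samate.nist.gov SAMATE] project" reads better. The WASC bullet is also missing a closing period if the list is meant to use full sentences.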