Revision as of 00:56, 22 June 2007 edit Impulssi (talk \| contribs) 2 edits updated broken link ← Previous edit		Revision as of 01:00, 22 June 2007 edit undo NEUrOO (talk \| contribs) 68 edits →Strengths and weaknesses Next edit →
Line 6: == Strengths and weaknesses == The web application security scanner is not a perfect tool, it has strength and weaknesses. * Weaknesses and limitations: Because the tool is implementing a dynamic testing method, it cannot cover 100% of the source code of the application and then, the application itself. It is really hard for a tool to find lots of logical flaws such as the use of weak cryptographic functions Even for technical flaws, if the application doesn't give enough clue, the tool cannot catch it The tool cannot implement all variants of type of attacks for all vulnerabilities, this would take too long time to launch every attacks * Strengths: ** These tools are able, with string injection, to find real flaws == Some Instances ==

Dynamic application security testing: Difference between revisions