January 14, 2009

Web App Analysis Tools

Free tools
parosproxy.org
openvas.org
grendel-scan.com/blog
seleniumhq.org
http://www.cirt.net/nikto2
http://www.nstalker.com/
http://code.google.com/p/ratproxy/

Top 10 Web Vulnerability Scanners from InSecure.org (the nmap guys) in 2006 YMMV
http://sectools.org/web-scanners.html

Commercial tools
IBM App Scan (Formerly Watchfire)
HP WebInspect
Hail Storm

Documentation
owasp.org
webappsec.org


http://codefromthe70s.org/sslblacklist.aspx Firefox plug-in

Posted by benjamin at 9:11 AM