EvilZone
Hacking and Security => Hacking and Security => : Lostyx February 20, 2015, 12:00:08 PM
-
I saw some post about web vulnerability scanner.
First , if you come there to complain saying scanner are noisy, it's for kiddie, etc..
Just don't. Go away. Go cry somewhere else.
Scanner are noisy, if you attack you shouldn't use it right.
But in a security point of view when you're looking for finding a big web application vulnerability (in a pentest for exemple) it's great.
Yes you have to know how to do it manually, but it can save a lot of time, we won't debate about this there.
I m there to show you this work :
If you have a hard time to choose look at this :
http://www.sectoolmarket.com/price-and-feature-comparison-of-web-application-scanners-unified-list.html
the blog:
http://sectooladdict.blogspot.fr/
That guy did a serious work, nice to read it.
I recommend burpsuite and ZAP as a proxy, if you have a personal opinion about some other tools, tell me.
-
there are result of Acunetix: SQLi 100%
it's not right. don't know what is vulns they have been used to check it, but it's wrong. acunetix isn't good for searching SQLi