I saw some post about web vulnerability scanner.
First , if you come there to complain saying scanner are noisy, it's for kiddie, etc..
Just don't. Go away. Go cry somewhere else.
Scanner are noisy, if you attack you shouldn't use it right.
But in a security point of view when you're looking for finding a big web application vulnerability (in a pentest for exemple) it's great.
Yes you have to know how to do it manually, but it can save a lot of time, we won't debate about this there.
I m there to show you this work :
If you have a hard time to choose look at this :
http://www.sectoolmarket.com/price-and-feature-comparison-of-web-application-scanners-unified-list.htmlthe blog:
http://sectooladdict.blogspot.fr/ That guy did a serious work, nice to read it.
I recommend burpsuite and ZAP as a proxy, if you have a personal opinion about some other tools, tell me.
