En Cryptex han publicado un listado de Scanners de vulnerabilidades para aplicaciones Web, separados aquellos de uso libre, con aquellos en formato comercial.
Herramientas comerciales:
* Acunetix WVS by Acunetix
* AppScan DE by IBM/Watchfire, Inc.
* Hailstorm by Cenzic
* N-Stealth by N-Stalker
* NTOSpider by NTObjectives
* WebInspect by HP/SPI-Dynamics
* WebKing by Parasoft
* elanize’s Security Scanner by Elanize KG
* MileScan Web Security Auditor by MileSCAN Tech
* WebApp360 by nCircle
Herramientas Libres/OpenSource:
* Grabber by Romain Gaucher
* Grendel-Scan by David Byrne and Eric Duprey
* Nikto by Sullo
* Pantera by Simon Roses Femerling (OWASP Project)
* Paros by Chinotec
* Powerfuzzer by Marcin Kozlowski
* Spike Proxy by Immunity (Now as OWASP Pantera)
* WebScarab by Rogan Dawes of Aspect Security (OWASP Project)
* Wapiti by Nicolas Surribas
* W3AF by Andres Riancho
* SecurityQA Toolbar by iSEC Partners
Sebastián de la Redacción de Segu-Info
See the original post:
Web Application Vulnerability Scanners |