I like AppScan's ability to allow manual and automatic toggle.
I have also used Paros (open source) and it works just as well.
-----Original Message-----
From: Serg Belokamen [mailto:serg.belokamen@gmail.com]
Sent: Friday, February 17, 2006 2:04 AM
To: webappsec@securityfocus.com
Subject: Tools comparison and evaluation question (AppScan)
Hi All,
I am currently looking at using/evaluating a tool called AppScan (by
watchfire.com).
So the question is in two parts and ASAP reply would be greatly
appreciated.
First:
Without starting a flame war (hopefully) or marketing campaign (another
hopefully) can any one tell me abut their experience with the software,
what you find useful about it, what not, any annoyances, missing
functionality, etc.
Second:
Can anyone recommend any simular type of software, preferably open
source (although not at all essential), and describe its performance,
usability and "usefulness" so to speak using AppScan as a reference
point.
Thanks,
Serg
------------------------------------------------------------------------
-
This List Sponsored by: SpiDynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gR
l
------------------------------------------------------------------------
--
-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
