Author Topic: What platforms do you use security testing of web applications?  (Read 452 times)

0 Members and 1 Guest are viewing this topic.

Offline SBTlauien

  • Disciple
  • ***
  • Posts: 454
  • ส็็็็็็็็็.ส็็็็็็็็็.ส็็็็็็็็็
    • View Profile
What platforms do you use security testing of web applications?
« on: September 30, 2014, 05:43:25 am »
I've been using Burpe Suite for a while now, but it's not the full version.  It was mentioned in a book I was reading.  I downloaded another one called Acunetix but haven't used it yet.  I'm still learning about this stuff.

What do you use and what makes it better than others?

Offline aldra

  • Arch Disciple
  • ***
  • Posts: 623
  • albrecht drais
    • View Profile
Re: What platforms do you use security testing of web applications?
« Reply #1 on: September 30, 2014, 05:45:44 am »
web apps? most of the stuff I've written is small-scale and only for internal use, so I haven't needed to worry about it enough to rely on an automated tool.

that said, you could always use selenium or another browser emulator and write your own test packages in python/java/whatever

Offline Spuff

  • Outlander
  • *
  • Posts: 6
    • View Profile
Re: What platforms do you use security testing of web applications?
« Reply #2 on: October 18, 2014, 04:29:28 pm »
Burp rocks. Acunetix is a web vulnerability scanner so it doesn't have the same functionality as Burp, but you can use the two together for better results. If you're looking for intercepting proxies like Burp, there's OWASP ZAP. For vuln scanning, check out w3af. Nikto is also great.