Try to use freeware service (owned by Cisco System and Positive technologies) - www.freescan.ru. This service can help found many unknown bug in custom Web application.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Towles Sent: Monday, June 13, 2005 10:22 PM To: [EMAIL PROTECTED]; [email protected] Cc: [EMAIL PROTECTED] Subject: RE: [Full-disclosure] Web application Security Scanner The list is right, pen-testing isn't as easy as running one tool. If there was a "best" tool that found everything, then why would people use any other tool? Going to attack Russian Google, well glad you said it on here...that will make it hard for them to trace you down..lol > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of tgoogle > Sent: Monday, June 13, 2005 12:10 PM > To: [email protected] > Cc: [EMAIL PROTECTED] > Subject: Re: [Full-disclosure] Web application Security Scanner > > Thanks, > > I shall test all these programs, tomorrow I send my results. > For example, i try to find vulnerabilities in www.yandex.ru > and www.google.ru sites :). > > You really consider that all these programs are capable found > vulnerability in UNKNOWN scripts? > > I need BEST program, which can found Maximum bugs in any > custom Web application. > > > >http://www.0x90.org/releases/absinthe/ > >http://www.nessus.org/download/ with some plugins > >http://www.cirt.net/code/nikto.shtml > > > >The "best" depends of your target, the OS you use, if you > looking for > >opensource products or commercial ones. > >Just google there many of them. > > > > > >Deepquest > >"Justification of windows usage is a combinaison of > Stockholm Syndrome > >and cognitive dissonance." > >-------------------------------------------------------------- > >Propaganda http://deepquest.code511.com/blog > >FIB http://www.futureisbeta.com > >PGP DH/DSS http://www.futureisbeta.com/pgp > >-------------------------------------------------------------- > > > >> Did you know the best Web app security scanner? > >> > >> I need scanner, which would find SQL injections, XSS, php > include and > >> other bug in unknown Web application. > >> > >> Thanks > >> _______________________________________________ > >> Full-Disclosure - We believe in it. > >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html > >> Hosted and sponsored by Secunia - http://secunia.com/ > >> > >> > > > > > -- > Яндекс.Почта: объем почтового ящика не ограничен! > http://mail.yandex.ru/monitoring/ > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
