Hello, I need to find tools to run penetration testing on our external web interfaces (a web application and an HTTP-based data interface).
The idea is to be able to run automatic tests on new releases before deployment. Stress is on "automatic". Has anyone here got good experience with such tools? I'm digging through the net and found lots of lists (e.g. http://www.samurainet.org/blog/2008/05/12/web-application-penetration-testing-my-tools-of-the-trade/) but if someone can give some input from their personal experience on what's worth pursuing and what's a waste of time it'll, well..., might save us some time. Thanks, --Amos -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
