NYCPHP Meetup

NYPHP.org

[nycphp-talk] Web app security scanners

Max Gribov max at neuropunks.org
Sat Apr 15 14:09:38 EDT 2006


Hello all,
does anyone know of any opensource/free web app security scanner?
Basically, I just want something (else besides me) to go through all the
GET's and POST's on my PHP site and see if XSS/sql injection/etc is
possible.
I certainly did an audit of my own code, but another pair of eyes,
especially automated, would never hurt.
Something down the lines of Nessuss only for web apps basically.
I've seen this: www.acunetix.com, and signed up for a trial audit, but
am wondering if there is something I can actually download.
I havent seen anything on freshmeat or even google, most things are
either tutorials or non-free.

thanks!

max



More information about the talk mailing list