HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
| | ||
| Reference | Link |
|---|---|
| Commercial Scanners | |
| Acunetix Enterprise Web Vulnerability Scanner | http://www.acunetix.com |
| Cenzic Hailstorm | http://www.cenzic.com |
| Ecyware GreenBlue Inspector | http://www.ecyware.com |
| Syhunt Sandcat Suite | http://www.syhunt.com |
| SPI Dynamics WebInspect | http://www.spidynamics.com |
| Watchfire AppScan | http://www.watchfire.com |
| NTObjectives NTOSpider | http://www.ntobjectives.com |
| Compuware DevPartner SecurityChecker | http://www.compuware.com |
| WhiteHat Security | http://www.whitehatsec.com |
| Free Tools | |
| Nikto | http://www.cirt.net/code/nikto.shtml |
| N-Stalker NStealth Free Edition | http://www.nstalker.com |
| Burp Suite | http://www.portswigger.net |
| Paros Proxy | http://www.parosproxy.org |
| OWASP Webscarab | http://www.owasp.org |
| General References | |
| OWASP Top 10 | http://www.owasp.org |
| Web Application Security Consortium (WASC) | http://www.webappsec.org |
| RSnake's XSS Cheat Sheet | http://ha.ckers.org/xss.html |
| | ||