NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FOCUS-MS> 2003-q3

RE: Vulnerability scanner for SQL injection, HTML injection- free or commercial ?

From: Erik Anderson (eandersmidco.net)
Date: Tue Sep 23 2003 - 13:02:48 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If you have a Linux system try Nessus. It is the best open source/free
Vulnerability Scanner out there.

Erik

> -----Original Message-----
> From: Harbar, Spencer [mailto:spencer.harbardns.co.uk]
> Sent: Tuesday, September 23, 2003 10:17 AM
> To: Milind Nanal; focus-mssecurityfocus.com
> Subject: RE: Vulnerability scanner for SQL injection, HTML injection-
> free or commercial ?
>
>
>
> Check out ScanDo from www.kavado.com, WebInspect from
> www.spidynamics.com and AppScan from www.sanctum.com
>
> hth
> Spence
>
>
> -----Original Message-----
> From: Milind Nanal [mailto:milindynrolta.com]
> Sent: 19 September 2003 06:31
> To: focus-mssecurityfocus.com
> Subject: Vulnerability scanner for SQL injection, HTML injection- free
> or commercial ?
>
> Hi,
>
> Can anyone please tell me information about any vulnerability scanner
> (free or trial version of commercial scanner) which can scan SQL
> injection , HTML injection of IIS web server running with MS sql 2000 as
> a backend database.
>
> I get many document on the internet which tell me few default techniques
> of SQL injection & trying out those to carry out SQL injection test. I
> am looking out for ready made scanner which has a set of inbuilt
> commands to carry out SQL , HTML injection attack & give a report ,
> recommendations to solve the problem.
>
> Quick response is appreciated
>
> Regards,
>
> Milind
>
> ------------------------------------------------------------------------
> ---
> ------------------------------------------------------------------------
> ---
>
>
>
>
>
> ------------------------------------------------------------------
> ---------------------------
> This e-mail was checked and validated by the dns email content
> management service.
>
> For information on how to improve email management for your
> organisation, please contact salesdns.co.uk
> ------------------------------------------------------------------
> ---------------------------
>
>
>
>
>
> ------------------------------------------------------------------
> ---------
> ------------------------------------------------------------------
> ---------
>
>
>

---------------------------------------------------------------------------
---------------------------------------------------------------------------

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]