Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Open source application security testing tools

Application security testing requires the right tools to be effective. Expert Chris Wysopal goes over your open source options.

What are the famous open source tools for Web application security testing?

Some of the popular open source Web proxies are WebScarab, Paros Proxy, and Burp Proxy. These are essentially man-in-the-middle proxies that sit between the Web browser and the Web server and allow the assessor to observe and manipulate the Web traffic.

Security testing tools:
What to look for in a Web application security testing tool

How to evaluate testing software and tools

Free Web application security testing tools you need to get to know

There aren't many open-source automated scanners for Web applications -- that is, things that you just point at a URL and say "scan it." One is Nikto, but it tests mostly for misconfigured Web servers and doesn't really touch the Web application logic itself.

-- Chris Eng, director of security services at Veracode, contributed to this response.

Dig Deeper on Topics Archive

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.