Tuesday, March 25, 2008

A Different Web Application Testing Suite

Testing web applications, it's pretty time-expensive and needs the correct utilization of web proxies.  SecurityCompass released a different toolkit, named XSS-ME and SQL INJECT-ME which perform a XSS and SQL INJECTION testing directly on-Fly (without interacting to web proxies ) as a FireFox plug-in.

XSS-ME :  is the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS) vulnerabilities.


SQL INJECT-ME: SQL Inject-Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities.


You can read more here and here. Actually I got no time to try them, so if someone is going to try this new toolkit please let me know about the main differences between SecurityCompass solution and , for instance,the current de-facto standard OWASP framework. Thank you guys !

1 comment:

Anonymous said...

Can anyone recommend the top performing Endpoint Security program for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central remote pc access
? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!