jueves, 17 de mayo de 2012

wavsep - Web Application Vulnerability Scanner Evaluation Project

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.

This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.
Important Update: as of v1.1.1, the auto-installer must be used - load war in tomcat, access URL "/wavsep/wavsep-install/install.jsp", and follow instructions (the installation scripts which are provided in the separate download are designed for legacy wavsep versions - 1.0.3/1.0).

Previous benchmarks performed using the platform:

SecToolMarket - A Dynamic Security Benchmark Presentation Platform
2011 Comparison of 60 commercial & open source scanners

2010 Comparison of 42 open source scanners



No hay comentarios: