Hi Suresh, Apart from what Rahul suggested, you can also for GFI Languard or Core Impact (both proprietary). For a better hands-on and/or manual assessment, try using Metasploit (Opensource), though that might be more on the PT side.
Regards, Neelu Tripathy Security Analyst, TEG Tata Consultancy Services Mailto: neelu.tripa...@tcs.com From: "suresh tiwary" <sureshtiw...@rediffmail.com> To: <owasp-delhi@lists.owasp.org> Date: 02/17/2010 11:46 AM Subject: [Owasp-delhi] Tools for Web Server V A Sent by: owasp-delhi-boun...@lists.owasp.org Issue: Tools for web server V A for IIS, Apache etc ? Dear OWASP Delhi, Can anyone provide complete and comprehensive information, sites of web server vulnerability assessment by manual method and by automated tools. 1. What are the free tools / open source tools actually and practically used for web serv V A ? 2. What are the commercial tools used for automated web server V A ? 3. How a manual web server v a is conducted ? Any checklist and the practical process. 4. People can share their web server v a experience. Thanks & regards, Suresh _______________________________________________ Owasp-delhi mailing list Owasp-delhi@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-delhi =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
_______________________________________________ Owasp-delhi mailing list Owasp-delhi@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-delhi