August 2006
Thinking Stone / ModSecurity - ModSecurity Console
by mbertier (via)ModSecurity Console is a network-based console designed to collect logs and alerts from remote ModSecurity sensors in real-time, providing security analysts with the support they need to keep their web systems secure.
Wapiti - Web application security auditor
by Xavier Lacot & 13 others (via)Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.
Wapiti - Web application security auditor
by mbertier & 13 othersIt performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.
The Open Web Application Security Project - OWASP
by maxjhuang & 9 othersthe free and open application security community.