Today I'm starting a mini-series about my experience with the following popular Webapp pentesting tools:
Now to be clear, the goal of this bake-off is to find a tool for the more run-of-the-mill, "customer just wants to check a box" Webapps scan. So I'm not covering tools like Burp which I consider a primary tool for a deeper, manual Webapp test. My other "nice-to-haves" in a tool like this include:
- Simple, clean interface
- Shallow learning curve so team members can get up and running with the tool quickly
- Wide variety of exporting/reporting options
- Can run both in a cloud-hosted or local-install configuration
Turns out even talking through 4 tools takes a while, so today's episode focuses on Acunetix.