M
Matt Baker
Guest
For web applications, you can use OWASP ZAP which is a PEN testing tool for web applications. It is agnostic to the technology as it provides a spider/dynamic scan through HTTP. www.owasp.org/.../OWASP_Zed_Attack_Proxy_Project This does not perform static code analysis which can reveal other types of flaws.
Continue reading...
Continue reading...