Whitepaper: HackMiami Web Application Scanner 2013 PwnOff
An Analysis of Automated Web Application Scanning Suites
Presented by: James Ball, Alexander Heid, and Rod Soto
P0wn off 2013This document is an analysis of the performance of five common web application scanners, which were put against three different types of web applications. The document will provide as an evaluation of the web application scanner suites from application to the completion of the scan, and will rate the suites on multiple criteria. The Web Application PwnOff was a live event that took place at the HackMiami 2013 Hackers Conference in Miami Beach Florida. There were three target web applications, one PHP based, one JSP based and one .NET based. open_pdfThe scans consisted of a single pre-authentication scan, and a single post-authentication scan against each user level.