AppScan
Automate dynamic application Security testing (DAST) and interactive application security testing (IAST) for modern WEB applications and services. A comprehensive JavaScript execution engine that supports WEB 2.0, JavaScript, and AJAX frameworks. SOAP and REST Web service tests that cover XML and JSON infrastructure support wssecurity Standard, XML encryption, and XML signing. Detailed vulnerability announcements and remediation recommendations. 40 + Compliance reports, including payment card Industry data security Standards (PCI DSS), payment Application Data security standards (PA-DSS), ISO 27001 and ISO 27002, and Basel Ii.
Select Scan now to enter an expert evaluation option, which will be the default configuration for host discovery and scanning
Scan configuration Here to select the scan settings that best match your test
Because the tool requires very strict scanning processes, it takes a long time.
The result analysis is very detailed and even gives the code the question, can carry on the professional consultation service. A lightweight scanning artifact.
Here are the scanners and crackers:
Appscan:http://pan.baidu.com/s/1delbz81
This article from-CSDN
I'm a porter-I think this is good. Pretending to share this
http://blog.csdn.net/pygain/article/details/52729266
Web penetration testing of the missing sweep artifact