#1 WebAppSec Scanner Benchmarking Support

WebGoat (2)

It would be great if WebGoat could be used to
benchmark commercial and open source web app
scanners. If you could set it up such that the current
holes are created and each time it's found a counter is
incremented. This way you can then determine if the
tool managed to find each hole and how long it took to
find them.

Maybe a counter is set to n of vulns, and a clock
started manually by the user. A method gets called that
decrements the counter when the scanner finds an
exploit. You may set a max time etc.

You could then generate a report that shows how many
holes the tool found and when it found them. Maybe a
basic graph etc.
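
The counter, clock and report proposed in this request, as an added example that is not part of the original ticket or of WebGoat's code. The class `ScannerBenchmark`, its methods and the hole ids are hypothetical, and the timings in `main` are constructed sample data.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

// Hypothetical helper (not a WebGoat API): records when a scanner first triggers each seeded hole.
public class ScannerBenchmark {
    private final Map<String, Duration> firstHit = new LinkedHashMap<>();
    private final Set<String> seeded;
    private final Duration maxTime;
    private Instant start; // null until the user starts the clock

    public ScannerBenchmark(Set<String> seededHoles, Duration maxTime) {
        this.seeded = Set.copyOf(seededHoles);
        this.maxTime = maxTime;
    }

    public synchronized void start(Instant now) { start = now; firstHit.clear(); }

    // Called by a lesson when its hole is exploited; returns the number of holes still unfound.
    public synchronized int recordHit(String holeId, Instant now) {
        if (start != null && seeded.contains(holeId)) {
            Duration elapsed = Duration.between(start, now);
            // Only the first hit inside the time limit counts; repeats and late hits are ignored.
            if (!elapsed.isNegative() && elapsed.compareTo(maxTime) <= 0)
                firstHit.putIfAbsent(holeId, elapsed);
        }
        return seeded.size() - firstHit.size();
    }

    public synchronized String report() {
        StringBuilder sb = new StringBuilder();
        sb.append(String.format("found %d of %d holes%n", firstHit.size(), seeded.size()));
        firstHit.forEach((id, t) -> sb.append(String.format("  %-12s %5ds%n", id, t.getSeconds())));
        for (String id : seeded)
            if (!firstHit.containsKey(id)) sb.append(String.format("  %-12s missed%n", id));
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample run: three seeded holes, 30-minute limit.
        ScannerBenchmark b = new ScannerBenchmark(
            Set.of("sqli-login", "xss-search", "idor-profile"), Duration.ofMinutes(30));
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z");
        b.start(t0);
        b.recordHit("xss-search", t0.plusSeconds(42));
        b.recordHit("xss-search", t0.plusSeconds(50));     // repeat, ignored
        b.recordHit("sqli-login", t0.plusSeconds(310));
        b.recordHit("idor-profile", t0.plusSeconds(3600)); // past the limit, reported as missed
        System.out.print(b.report());
    }
}
```

Passing the timestamp in explicitly keeps runs reproducible; a lesson would pass `Instant.now()` at the point where its exploit condition is detected.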

