RandomStorm have acquired Damn Vulnerable Web App (DVWA) :)
RandomStorm showed their interest in DVWA and wanted to help the project grow. After some weeks of talks we have settled on an agreement which I believe will benefit the DVWA project immensely.
What do RandomStorm do?
RandomStorm was formed in 2007 to provide a proactive vulnerability management service for companies and organisations that take network security seriously and need to demonstrate maximum due diligence in protecting personal and corporate information.
I started a poll last week on the 1st of December tittled ‘Open Source Web Application Vulnerability Scanners’. The aim of this poll was to gain feedback from as many people in the security community as possible to find out which was their preferred open source web application vulnerability scanner, what they preferred about it and what they would improve about their favorite scanner. The poll has run for almost 7 days. The poll link was posted on Twitter (via my Twitter account), on this blog and on www.ethicalhacker.net.
The total number of submissions was 32 however there were some anomalies in the data mainly due to my own fault. I had originally included Burp Suite, I had confused their free version with it being open source, it turns out this is not the case. I also had submissions from application developers, I did not state that I wouldn’t be counting their votes however I believe it fairer if we didn’t. After taking out the votes for Burp Suite (3 before removing the option), the submissions from application developers (2) and submissions for other commercial scanners (2), it left us with a total of 25 submissions.
I am trying to find out from the community which open source web application scanners they use and why. Please take the poll, once, and answer honestly. Thank you! ;)