Grendel v1.0 Web Application Security Testing released

by

In: Application Scanner , Bruteforcers , Fuzzers , Grendel , Vulnerability Scanner

18 August 2008

Grendel-Scan is an open-source web application security testing tool. It has automated testing module for detecting common web application vulnerabilities, and features geared at aiding manual penetration tests. The only system requirement is Java 5; Windows, Linux and Macintosh builds are available.

Grendel-Scan is a kind of Paros and Nikto combination tool.
It acts like proxy and intercepts data stream for analysing. In addition, he uses 10 modules to identify application vulnerabilities as well as SQL injections, information leakage, file enumeration, Fuzzer, XSS attacks, spidering techniques and Nikto checks.

It also got a feature to detect authentication web form using a Wizard.

It looks very good since it works on OSX, windows and Linux.

Grendel has been added to security-database tools watch process

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Application Scanner
Bruteforcers
Fuzzers
Grendel
Vulnerability Scanner