top | item 20923183 (no title) mrlucax | 6 years ago Is there an open source alternative that could be self-hosted and configured to run automated and periodical checks? discuss order hn newest smcleod|6 years ago While not a web or automated option - if you want to run a quick crawl and scan on your apps you could try OWASP ZAP, it also has quite a few handy plugins - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Proje... dahfizz|6 years ago Metasploit? You don't even need to host it (why are we so obsessed with making everything a website?) Godel_unicode|6 years ago Metasploit isn't the best choice for webapps, you probably want nikto or similar. Here's the owasp list: https://www.owasp.org/index.php/Category:Vulnerability_Scann... kortilla|6 years ago The key part is automation, not a website. Make it part of your ci/cd pipeline.
smcleod|6 years ago While not a web or automated option - if you want to run a quick crawl and scan on your apps you could try OWASP ZAP, it also has quite a few handy plugins - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Proje...
dahfizz|6 years ago Metasploit? You don't even need to host it (why are we so obsessed with making everything a website?) Godel_unicode|6 years ago Metasploit isn't the best choice for webapps, you probably want nikto or similar. Here's the owasp list: https://www.owasp.org/index.php/Category:Vulnerability_Scann... kortilla|6 years ago The key part is automation, not a website. Make it part of your ci/cd pipeline.
Godel_unicode|6 years ago Metasploit isn't the best choice for webapps, you probably want nikto or similar. Here's the owasp list: https://www.owasp.org/index.php/Category:Vulnerability_Scann...
smcleod|6 years ago
dahfizz|6 years ago
Godel_unicode|6 years ago
kortilla|6 years ago