HP WebInspect
WebInspect is a web application security assessment tool that helps identify known and unknown vulnerabilities within the Web application layer. It can also help check that a Web server is configured properly, and attempts common web attacks such as parameter injection, cross-site scripting, directory traversal, and more. It was produced by Spidynamics, which is now part of HP. For downloads and more information, visit the HP WebInspect homepage.
- Popularity
- #76,
36 - Latest release
- 9.10
- June 27, 2011 (12 years, 10 months ago)
- Links
- Rating
- ★★★½ (8)
★★★★★12% ★★★★38% ★★★25% ★★25% ★0%
WebInspect is like trying to Fly an F35 when you have flown a crop duster. Very effective if you have been trained on it. You get the support and product that you pay for. Last I checked, Yes, MSSQL Is required, runs best if MSSQL is running on a separate system.
My impressions: - The trial version do not allow check more than one site. - The app needs lots of requirements. - In my desktop (Core2Duo, 4Gb) it runs slowly.
Hello Ravi, You can refer to link below.
http://hackercool.com/2016/07/how-to-install-hp-webinspect-in-windows-10/
hi friends, I have registered for hp webinspect(trial version). iam unable to install that on my pc. iam facing issue with sql server mapping.
my doubt is
1) is sql server needed for that to use webinspect.
2) if yes, how to map/configure.
Price is to high AND they hide the pricing, not transparent at all.
A very good scanner ... I'm totally impressed in the results I see.
You can see the other benefits too like the new WAF integration. So that immediate and automated, real-time virtual patching against identified vulnerabilities is possible with Radware’s AppWall http://h20195.www2.hpe.com/v2/GetDocument.aspx?docname=4AA6-4224ENW
Room to improve: price, management (complexity)
very good scanner it can find more than bugs. webinspect found a bug from nessus panel :)
We still use this tool. It's on the high price range, but still very useful. No other tool (except for IBM, and acunetix) can be used consistently in big web environments to consolidate information and previous findings. You can integrate with Burp for more custom testing.
Despite the setbacks after HP acquisition, their development team keeps up with security updates.
The bad side is that the architecture is complex, and consumes a lot of computing resources.
No a tool for kiddies.
Good scanner, but price is to high so we use acunetix
I tried all software above and WebInspect finds more vulnerabilities than any other. The price is very high so anyway We moved to Acunetix.
The only reason I didn't give this a lower score is because it served a purpose for a long time. Then HP bought them out and like everything they touch the support went downhill. We switched to Acunetix.