Grendel Scan is a powerful web application scanner that can help you identify potential security gaps across your websites. There are a number of web application scanners freely available (Tim reviewed w3af last week), but Grendel Scan has a number of features that make it a useful tool for administrators, in particular those who may not have much (or any) penetration testing experience but are looking to close potential vulnerabilities across their web applications.

  • Unlike w3af, Grendel Scan’s GUI is fully functional. You only need to specify a place to store the scan files and a URL to get started.
  • Grendel Scan works mostly in the background and doesn’t require much attention once the scan gets going.
  • The final report is generated in HTML, so you can view it in a very readable format in any web browser. The specific vulnerabilities found, their types, their risk ratings, and recommended fixes are clearly organized in the report. You can also pause and generate reports on the fly.
  • Works on Windows for administrators who are scared of Linux or Macs (you’d be surprised).

Although the final output from Grendel Scan is well organized, you’ll need some programming and security knowledge to decipher it. That’s when it’s time to call in the security guru for guidance. Grendel Scan is free to download and a useful tool for a wide range of experience levels.

Each Thursday, Security Musings features a security-related technology or tool. Featured items do not imply a recommendation by Gemini Security Solutions.