Test website security

rflorencio
rflorencio used Ask the Experts™
on
Hi,

I intend to test my website against various types of threat, such as sql injection, is there any software tool to do this?

best regards
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Pawan KumarDatabase Expert
Awarded 2016
Top Expert 2016
Commented:
There are few tools available in the market for this kind of requirement.

you can check for free tools present here-

https://geekflare.com/online-scan-website-security-vulnerabilities/
Dr. KlahnPrincipal Software Engineer
Commented:
Without wishing to seem flippant, no security tool is going to be either up to date or as effective in revealing problems as the real thing.  As soon as you connect the site to the internet this will all be done for you at no charge by black hats trying to break in.  Just watch the logs and defeat the exploits as they are used.

(This is good practice since you'll have to do it every day anyway as long as the site is on the internet.)

And be sure you have daily full backups.
Exec Consultant
Distinguished Expert 2018
Commented:
I would have thought you will do some hygiene check and SSLTest is one option as it surface the weakness in crypto SSL/TLS which may be easily exploited. You can have a check of health on known threat using VirusTotal too. Specifically for the scanner and tool, OWASP has some good listing hereTool such as sqlmap  for testing SQLi, another for the wider coverage of test cases is w3af. It is a Web Application Attack and Audit Framework. It does attempt to find and exploit known web application vulnerabilities.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial