How effective are tools such as w3af in looking for web app vulnerabilities compared to looking for vulnerabilities manually? Are they able to find all vulnerabilities from OWASP top 10 such as reflected xss, persistent xss, sqli, lfi/rfi, and unrestricted file upload? Or will some vulnerabilities fall through the cracks and remain undiscovered?
Aucun commentaire:
Enregistrer un commentaire