aspdaddy - 8:48 pm on Jul 30, 2011 (gmt 0)

Qualys is decent as is Nessus, metasploit any many others but your biggest problem is sql injection vulnerabilities and lack of patching, you dont need scanners to tell you that.

Even with the professional feed and all the web application plugins, tools like Nessus will only tell you what you alrady know - open source code is full of SQL injection and stack overflow vulnerabilities - and the exploit code is on the forums for anyone to use.


Fix the sql/xss injection vulnerabilities in your GET and POST and get a proper host that patches.