We've detected that Javascript is not enabled. It is required for an optimal survey taking experience.
Please check your browser's settings and make sure Javascript is turned on. Learn how to enable Javascript.

Skip survey header

Open Source Web scanners

Page One

1. Gender

2. Education Level

3. Course Majority

4. Age Group

5. Years of experience in IT industry

6. Do you have experience with open-source scanners ? *This question is required.

7. How do you rate the configuration type of web scanners based on below criteria ?

Very Simple : If the scanner has GUI and Wizard for performing the scanning task.

Simple : If the scanner has GUI with simple options and /or command line with scan configuration file or simple options.

Complex : If the scanner has GUI with numerous options and/or command line with multiple options.

Very Complex : If the scanner uses manual scanning feature dependencies and/or multiple configuration requirements. *This question is required.

Space Cell	Very Simple	Simple	Complex	Very Complex	No Experience
Arachni
Grendel-Scan
IronWasp
Vega
W3af
Wapiti
Watobo
Webscrab
Wikto
ZAP

8. If you have any additional comments regarding the above configuration types , please feel free to put your opinions .

9. How do you rate the report generation type of web scanners based on below criteria ?

Executive summary : An executive summary provides a concise picture of the scan results. This report allows a reader to be

able to determine high-level results at a glance.

Technical detail report : Scanners must be able to provide all technical information required for readers to reproduce the

identified issues. This should include the below items :

1- The ability to include full request and response data

2- The ability to include a list of all hosts and URLs included in the scan

Compliance report : Scanners should provide a report format that allows organizations to quickly determine whether they are

in violation of regulatory requirements or other standards . Some of the standards include of following :

1- Payment Card Industry Data Security Standard (PCI DSS)

2- OWASP Top 10

3- WASC Threat Classification

4- NIST 800-53

5- Health Insurance Portability and Accountability Act (HIPAA)

6- Sarbanes-Oxley (SOX)

7- SANS Top 20 *This question is required.

Space Cell	Executive summary	Technical detail report	Compliance report	No Experience
Arachni	Executive summary	Technical detail report	Compliance report	No Experience
Grendel-Scan	Executive summary	Technical detail report	Compliance report	No Experience
IronWasp	Executive summary	Technical detail report	Compliance report	No Experience
Vega	Executive summary	Technical detail report	Compliance report	No Experience
W3af	Executive summary	Technical detail report	Compliance report	No Experience
Wapiti	Executive summary	Technical detail report	Compliance report	No Experience
Watobo	Executive summary	Technical detail report	Compliance report	No Experience
WebScarab	Executive summary	Technical detail report	Compliance report	No Experience
Wikto	Executive summary	Technical detail report	Compliance report	No Experience
ZAP	Executive summary	Technical detail report	Compliance report	No Experience

10. If you have any additional comments regarding the above report generation types , please feel free to put your opinions .

11. If you have any other comments regarding the above questions , I would be happy to hear it.