webapplicationsreview.com

Archive for January, 2008

WebScarab

WebScarab is a web application review tool that grew out of designs by the people on the WebAppSec list, which was run from SourceForge, who wanted a powerful, free, open tool for reviewing web applications for security vulnerabilities. However, it cannot be said that the original design has been fully implemented as envisioned. WebScarab started as a spider that was able to download all the pages on a site, and stayed like that for about a year. Lessons learned during the development of Exodus were used to implement WebScarab. Now, almost nothing of the original WebScarab remains in the current code base. The spider code on which WebSphinx/WebScarab was based was mature and well-tested, but it did not fit most people's view of how such a tool should operate. Instead of ripping out 99% of WebSphinx, a trivial spider was implemented in its place. The original WebScarab/WebSphinx spider code is still available from SourceForge for anyone who is interested.

Written by Harry

January 10th, 2008 at 1:34 am

Posted in General