Computer programmers are often treated as solution providers who can automate any task. Most applications developed today run in the client's browser as web applications backed by various database modules. Security is therefore always a key concern, so we are going to review the top web security scanners.

Database Modules: MySQL, MS SQL, Oracle, PostgreSQL, MS Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB

Security Threats: SQL injection variants, XSS, URL rewriting rules, custom 404 error pages, WordPress & Joomla Vulnerabilities, OWASP

Solution Availability: Local, SaaS or Cloud Solution

Acunetix – Fully Automated Ethical Hacking Solution

  • Fast, scalable and can be integrated with WAFs
  • Available locally and as a cloud solution
  • Scans HTML5, JavaScript, single-page applications and web applications, and searches for SQL injection variants, XSS and vulnerabilities in WordPress themes and plugins
  • Issues compliance and management reports on web and network security vulnerabilities


  • User-friendly, fully scalable, requires minimal setup and is available as a local and SaaS solution
  • Can scan up to 1000 applications in 24 hours and automatically detect SQL injections, XSS, URL rewriting rules, custom 404 error pages, and other security issues.
  • Automated and accurate vulnerability assessments, triaging and verification with proprietary Proof Based Scanning technology, which verifies false positives and saves hundreds of man-hours.
  • Verified vulnerabilities are automatically posted to a bug tracking system so that the team can start working on the remedies straight away.

Ettercap – Ethical Hacking Tool

  • Detects SSH in full duplex mode.
  • Supports passive and active analysis of many protocols to detect the local network between two hosts.


  • It discovers wireless network configuration on the Windows platform in short-range locations.
  • Detects unauthorized or rogue access points and causes of wireless interference.

  • Manages vulnerability life-cycle and provides troubleshooting tips.
  • Analyzes over 5000 vulnerabilities which include SQL injection, OWASP, WordPress & Joomla vulnerabilities

Cain & Abel

  • Recovers MS Access and encrypted passwords with dictionary attacks, cryptanalysis, and brute force.
  • Sniffs networks.


  • Automated SQL injection and database takeover tool, using techniques such as boolean-based and time-based blind, error-based, UNION query, stacked queries and out-of-band.