This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Denver July 2008 meeting

Jump to: navigation, search

Topic: Grendel-Scan: Next Generation Open Source Web App Vulnerability Scanner

David Byrne and Eric Duprey delivered a pre-release of their latest work - Grendel-Scan. Grendel-Scan is a tool they developed to automate aspects of appsec testing.

Slide deck (PPT)

ISO of Live-CD environment

Note that the Live-CD environment used to demonstrate Grendel-Scan includes not only the vulnerability scanner, but also a vulnerable version of Xen-Cart, a popular OSS shopping cart application.

David and Eric will be presenting Grendel-Scan at Defcon '08 in Las Vegas. If you are attending DEFCON, please come to their presentation: Saturday, Track 4, 5:00-5:50PM.

Back to OWASP Denver