The Path Traversal / Local File Inclusion Detection Accuracy of Web Application Scanners

The current information is based on the results of the *2011/2012/2014/2016* benchmarks (excpet for entries marked as updated

or new

)

Last updated: 18/09/2016, Currently compares 23 scanners
Sorted in a descending order according to the scanner Path Traversal/LFI detection ratio and product name.
Hint: click the version link to get more information about each scanner evaluation, and the product name to get detailed information on the product.

Unified List Commercial Scanners Free / Open Source Scanners

Rank

#

Logo

Vulnerability Scanner

Version

Vendor

Detection Accuracy

Chart

1

9.0.0.999 / 8.8.0.0

IBM Security Systems Division

100.00% Detection Rate
0.00% False Positives

(816/816)
(0/8)

1

100.00% Detection Rate
0.00% False Positives

(816/816)
(0/8)

1

Tinfoil Security

Tinfoil Security

100.00% Detection Rate
0.00% False Positives

(816/816)
(0/8)

2

Netsparker Cloud

94.36% Detection Rate
0.00% False Positives

(770/816)
(0/8)

3

94.12% Detection Rate
0.00% False Positives

(768/816)
(0/8)

4

92.77% Detection Rate
12.50% False Positives

(757/816)
(1/8)

5

HP Application Security Center

91.18% Detection Rate
0.00% False Positives

(744/816)
(0/8)

6

81.13% Detection Rate
12.50% False Positives

(662/816)
(1/8)

7

Burp Suite Professional

69.12% Detection Rate
12.50% False Positives

(564/816)
(1/8)

8

63.97% Detection Rate
37.50% False Positives

(522/816)
(3/8)

9

52.94% Detection Rate
0.00% False Positives

(432/816)
(0/8)

10

JSky (Commercial Edition)

48.53% Detection Rate
12.50% False Positives

(396/816)
(1/8)

11

MileSCAN Technologies

12.75% Detection Rate
37.50% False Positives

(104/816)
(3/8)

Copyright © 2010-2015 by Shay Chen. All rights reserved.
Click here to learn how this information may be published or reused.