The Remote File Inclusion Detection Accuracy of Web Application Scanners

The current information is based on the results of the *2011/2012/2014/2016* benchmarks (excpet for entries marked as updated or new )

Last updated: 18/09/2016, Currently compares 19 scanners
Sorted in a descending order according to the scanner Remote File Inclusion (RXSS via RFI) detection ratio and product name.
Hint: click the version link to get more information about each scanner evaluation, and the product name to get detailed information on the product.

Unified List   Commercial Scanners   Free / Open Source Scanners


Rank
#
LogoVulnerability ScannerVersionVendorDetection AccuracyChart
1
arachni1.1Tasos Laskos100.00% Detection Rate
0.00% False Positives		(108/108)
(0/6)
1
Vega1.0Subgraph100.00% Detection Rate
0.00% False Positives		(108/108)
(0/6)
2
ZAP2.2.2OWASP100.00% Detection Rate
16.67% False Positives		(108/108)
(1/6)
3
IronWASP0.9.7.4Lavakumar Kuppan77.78% Detection Rate
0.00% False Positives		(84/108)
(0/6)
4
Wapiti2.3.0OWASP57.41% Detection Rate
0.00% False Positives		(62/108)
(0/6)
5
Syhunt Mini (Sandcat Mini)4.4.3.0Syhunt44.44% Detection Rate
0.00% False Positives		(48/108)
(0/6)
6
SkipFish2.10Michal Zalewski - Google31.48% Detection Rate
16.67% False Positives		(34/108)
(1/6)
7
W3AF1.6W3AF developers16.67% Detection Rate
16.67% False Positives		(18/108)
(1/6)

Copyright © 2010-2015 by Shay Chen. All rights reserved.
Click here to learn how this information may be published or reused.