Disclaimer 1 — it ain't fool proof
ASafaWeb does its best to find configuration vulnerabilities but it will not
find many, many security related issues in apps. Always employ a combination of
careful code review and automated security analysis tools.
Disclaimer 2 — it shouldn't break your site
ASafaWeb only makes simple HTTP requests to the site being scanned. It doesn't attempt
anything invasive such as SQL injection and it shouldn't break anything
on the site. But there are no guarantees...
A troyhunt.com project | Generously supported