This work presents a web application security overview, presenting its main concepts and areas, the open source resources available, the most com- mon web security vulnerabilities and how to prevent them. We also have used some open source web application security scanners to test the security of a simple web application. We have used more than one scanner, aiming to have a complete report over the vulnerabilities and to make a comparison between them. We have used a web application previously developed without any concern about security. Our reports were on the vulnerabilities found and how much was easy or not to interpret and fix them.
