System and method for detecting intrusion intelligently based on automatic detection of new attack type and update of attack type model
US-2016226894-A1 · Aug 4, 2016 · US
US2016241582A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016241582-A1 |
| Application number | US-201514621618-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 13, 2015 |
| Priority date | Feb 13, 2015 |
| Publication date | Aug 18, 2016 |
| Grant date | — |
Official abstract text for this publication.
Systems and methods for automated selection of payloads for use in a security scan of a web application by a security scanner are described herein. More specifically, the systems and methods test potential payloads for a security scan of a given web application on a test application with known security vulnerabilities, evaluate the valid responses returned by this test application, determine functionally equivalent responses, group payloads based on the equivalence of their valid responses, and select one or more payloads from each created group for use in the security scan of the given web application.
Opening claim text (preview).
1. A security scanner system that provides automated selection of payloads for a security scan, the security scanner system comprising: a computing device including a processing unit and a memory, the processing unit implementing a scan system and an automated payload selection system, the automated payload selection system is operable to: receive new payloads; update a list of payloads based on the new payloads; store the list of payloads to form a list of stored payloads; select a first set of payloads from the list of stored payloads; attack a test target with the first set of payloads; receive a test response for each payload in the first set of payloads from the test target; determine a second set of payloads that generated a valid test response from the test target; determine a symmetrical difference for each valid test response for the second set of payloads; cluster the second set of payloads into groups based on the symmetrical differences for the valid test responses for the second set of payloads, wherein payloads within a same group are identified as functionally equivalent; and select at least one payload from each group to form a third set of payloads; and the scan system is operable to: attack a security target with the third set of payloads.
2. The system of claim 1, wherein the automated payload selection system is further operable to: continuously update the third set of payloads based on the new payloads.
3. The system of claim 1, wherein the automated payload selection system reduces processor load, increases payload selection speed, improves security scans, and reduces network bandwidth when compared to security scanners that do not utilize the automated selection of payloads for the security scan.
4. The system of claim 1, wherein the scan system is further operable to: receive the security target; read attack surfaces for the security target; determine attack types for the security target based on the attack surfaces; receive responses for each of the third set of payloads from the security target; evaluate the responses from the security target; and generate a report based on the evaluated responses, wherein the automated payload selection system is further operable to: select the first set of payloads from the list of stored payloads based on the determined attack types from the scan system.
5. The system of claim 1, wherein the select at least one payload from each group to form the third set of payloads includes selecting the payloads at random.
6. The system of claim 1, wherein the automated payload selection system is further operable to: create the test target, wherein the test target is created to have known security issues.
7. A method for automated selection of payloads for a security scan of a web application by a security scanner, the method comprising: selecting a first set of payloads from a list of stored payloads; attacking a test target with the first set of payloads; receiving a test response for each payload in the first set of payloads from the test target; determining a second set of payloads that generated a valid test response from the test target; determining a symmetrical difference for each valid test response for the second set of payloads; clustering the second set of payloads into groups, the clustering comprising: comparing each symmetrical difference to a configurable threshold, classifying payloads of the second set of payloads into one group when the payloads have valid test responses with symmetrical differences that are less than the configurable threshold, and classifying the payloads of the second set of payloads into different groups when the payloads have valid test responses with symmetrical differences that are more than the configurable threshold, wherein the payloads within a same group are identified as functionally equivalent; selecting at least one payload from each group to form a third set of payloads; and attacking a security target with the third set of payloads.
8. The method of claim 7, further comprising at least one of reducing processor load, increasing payload selection speed, improving security scans, and reducing network bandwidth when compared to methods that do not utilize the automated selection of the payloads for the security scan.
9. The method of claim 7, wherein the test target is an existing web application with known security issues.
10. The method of claim 7, wherein the test target is created for use as the test target, wherein the test target is created to have known security issues.
11. The method of claim 7, wherein the selecting at least one payload from each group to form the third set of payloads comprises: selecting the payloads with fewest characters.
12. The method of claim 7, wherein the selecting at least one payload from each group to form the third set of payloads comprises: selecting the oldest payloads.
13. The method of claim 7, wherein the selecting at least one payload from each group to form the third set of payloads comprises: selecting the payloads based on the security target.
14. The method of claim 7, wherein the selecting at least one payload from each group to form the third set of payloads comprises: selecting the payloads that are easiest for humans to read.
15. The method of claim 7, wherein the determining the symmetrical difference for each valid payload test response for the second set of payloads and the clustering the second set of payloads into groups is performed by a behavior change (volatility) detection system.
16. The method of claim 7, wherein the test target and the security target are both at least one of: an email application; a social networking application; a collaboration application; an enterprise management application; a messaging application; a word processing application; a spreadsheet application; a database application; a presentation application; a search engine; a contacts application; a gaming application; an e-commerce application; an e-business application; a transactional application; an exchange application; and a calendaring application.
17. The method of claim 7, further comprising: receiving the security target; reading attack surfaces for the security target; determining attack types for the security target based on the attack surfaces; wherein the first set of payloads is selected based on the determined attack types; receiving responses for each of the third set of payloads from the security target; evaluating the responses from the security target; and generating a report based on the evaluating of the responses.
18. The method of claim 7, wherein the reading the attack surfaces further comprises: identifying at least one input; identifying characters allowed by the at least one input; determining a maximum and minimum number of characters that are accepted by the at least one input; and determining a manner in which the characters are treated by the test target.
19. The method of claim 7, further comprising: receiving new payloads; updating a list of payloads based on the new payloads; storing the list of payloads to form the list of stored payloads.
20. A system for automated selection of payloads for a security scan, the system comprising: at least one processor; and one or more computer-readable storage media including computer-executable instructions stored thereon th
Assessing vulnerabilities and evaluating computer system security · CPC title
Vulnerability analysis · CPC title