I recommend more enhancements focusing on penetration testing for both SSL over HTTP and non-SSL over HTTP, specifically targeting the RCP Rich Client Platform and Equinox frameworks that allow on-premises desktop applications to be tested simultaneously. I believe those would significantly improve the tool in the future. I choose eight as my rating primarily because of the installer app; it becomes challenging to identify the actual vulnerabilities. Once we build this installer—rather than just working on the codebase—sometimes, we face gaps considering the build parameters and conversions to the installer. Identifying those gaps is an area that could use improvement after the installer or desktop application testing, which would be beneficial. That is the only reason; otherwise, I could easily rate it a ten out of ten given its smooth operational process.
