Might be useful to tool to try on Hawkular to identify security vulnerabilities ...
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
https://github.com/zaproxy/zaproxy