Re: Web Application Tester

From: Mambo Dsouza (mamboz_at_gmail.com)
Date: 09/15/04

  • Next message: Mambo Dsouza: "Re: Web Application Tester"
    Date: Wed, 15 Sep 2004 18:25:22 +0200
    To: Hayden Searle <hayden.searle@safecom.co.nz>
    
    

    Correct me if i am wrong...

    Up to my knowledge i think for testing web application there are a lot
    of tools...which only conduct test up to a certain level..

    But i think the best are the manual methods..like parameter
    tampering..URL tampering..hidden fields..injecting code..or even
    performing sql injection techniques..

    for these you can actually use tools like websleuth and
    TamperIE..which are of real help..

    Please correct me if i am wrong..or if anyone else also has some inputs..

    Cheers
    Mambo

    On Wed, 15 Sep 2004 17:02:12 +1200, Hayden Searle
    <hayden.searle@safecom.co.nz> wrote:
    > The only other one I know of is @Stake but I think that is rather
    > expensive too. http://www.atstake.com/
    >
    > Hayden Searle
    >
    > -----Original Message-----
    > From: Andrew Bagrin [mailto:abagrin@gmail.com]
    > Sent: Wednesday, 15 September 2004 10:50 a.m.
    > To: pen-test@securityfocus.com
    > Subject: Web Application Tester
    >
    > Does anyone know of an application tester similar to AppDetective
    > thats not as hard on the pocket book?
    > I need to pentest a web app and am looking for some tools
    >
    > Thanks,
    >
    > --
    > Andrew Bagrin
    > andrew@bagrin.com
    >
    > ------------------------------------------------------------------------
    > ------
    > Ethical Hacking at the InfoSec Institute. All of our class sizes are
    > guaranteed to be 12 students or less to facilitate one-on-one
    > interaction
    > with one of our expert instructors. Check out our Advanced Hacking
    > course,
    > learn to write exploits and attack security infrastructure. Attend a
    > course
    > taught by an expert instructor with years of in-the-field pen testing
    > experience in our state of the art hacking lab. Master the skills of an
    > Ethical Hacker to better assess the security of your organization.
    >
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > ------------------------------------------------------------------------
    > -------
    >
    > #####################################################################################
    > Important: This electronic message and attachments (if any) are confidential
    > and may be legally privileged. If you are not the intended recipient do not
    > copy, disclose or use the contents in any way. Please let us know by return
    > e-mail immediately and then destroy this message.
    > #####################################################################################
    >
    >
    >
    > ------------------------------------------------------------------------------
    > Ethical Hacking at the InfoSec Institute. All of our class sizes are
    > guaranteed to be 12 students or less to facilitate one-on-one interaction
    > with one of our expert instructors. Check out our Advanced Hacking course,
    > learn to write exploits and attack security infrastructure. Attend a course
    > taught by an expert instructor with years of in-the-field pen testing
    > experience in our state of the art hacking lab. Master the skills of an
    > Ethical Hacker to better assess the security of your organization.
    >
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > -------------------------------------------------------------------------------
    >
    >

    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. All of our class sizes are
    guaranteed to be 12 students or less to facilitate one-on-one interaction
    with one of our expert instructors. Check out our Advanced Hacking course,
    learn to write exploits and attack security infrastructure. Attend a course
    taught by an expert instructor with years of in-the-field pen testing
    experience in our state of the art hacking lab. Master the skills of an
    Ethical Hacker to better assess the security of your organization.

    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------


  • Next message: Mambo Dsouza: "Re: Web Application Tester"