Re: Application Assessment

bugtraq_at_cgisecurity.net
Date: 08/11/05

  • Next message: Mark Curphey: "RE: Application Assessment"
    To: pen-test@securityfocus.com, webappsec@securityfocus.com (Webappsec), goenw.mailinglist@gmail.com (goenw)
    Date: Thu, 11 Aug 2005 11:26:54 -0400 (EDT)
    
    

    > > anybody have experience with application assessment ? I am a
    > > network guy, dont know much about the apps PT.
    > > 1. is there any tools that allow me to do the assessment throughly ?

    Check out the Burp Suite v1.0 (http://portswigger.net/suite/) which was just released.

    > If you're talking web-applications, check out www.owasp.org for a
    > wealth of information on the subject. You may also want to take a
    > look at the webappsec mailing list at www.securityfocus.com.

    The Web Application Security Consortium also has some documentation
    under http://www.webappsec.org/projects/ that may help you out. You may also want to check out
    'The Web Security Mailing List' (http://www.webappsec.org/lists/websecurity/ )

     - zeno
    http://www.cgisecurity.com (Web Application Security News, and more)

    ------------------------------------------------------------------------------
    FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

    Learn the hacker's secrets that compromise wireless LANs. Secure your
    WLAN by understanding these threats, available hacking tools and proven
    countermeasures. Defend your WLAN against man-in-the-Middle attacks and
    session hijacking, denial-of-service, rogue access points, identity
    thefts and MAC spoofing. Request your complimentary white paper at:

    http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
    -------------------------------------------------------------------------------


  • Next message: Mark Curphey: "RE: Application Assessment"