Re: Application Assessment

bugtraq_at_cgisecurity.net
Date: 08/11/05

  • Next message: Mark Curphey: "RE: Application Assessment"
    To: pen-test@securityfocus.com, webappsec@securityfocus.com (Webappsec), goenw.mailinglist@gmail.com (goenw)
    Date: Thu, 11 Aug 2005 11:26:54 -0400 (EDT)
    
    

    > > anybody have experience with application assessment ? I am a
    > > network guy, dont know much about the apps PT.
    > > 1. is there any tools that allow me to do the assessment throughly ?

    Check out the Burp Suite v1.0 (http://portswigger.net/suite/) which was just released.

    > If you're talking web-applications, check out www.owasp.org for a
    > wealth of information on the subject. You may also want to take a
    > look at the webappsec mailing list at www.securityfocus.com.

    The Web Application Security Consortium also has some documentation
    under http://www.webappsec.org/projects/ that may help you out. You may also want to check out
    'The Web Security Mailing List' (http://www.webappsec.org/lists/websecurity/ )

     - zeno
    http://www.cgisecurity.com (Web Application Security News, and more)

    ------------------------------------------------------------------------------
    FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

    Learn the hacker's secrets that compromise wireless LANs. Secure your
    WLAN by understanding these threats, available hacking tools and proven
    countermeasures. Defend your WLAN against man-in-the-Middle attacks and
    session hijacking, denial-of-service, rogue access points, identity
    thefts and MAC spoofing. Request your complimentary white paper at:

    http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
    -------------------------------------------------------------------------------


  • Next message: Mark Curphey: "RE: Application Assessment"

    Relevant Pages

    • RE: All of the things you need to learn to be a pen-tester (Re: Pen t est basic needs)
      ... U will probably need to "morphine" your evil apps before you run them on an AV protected machine - download morphine from hxdef.org; might as well pick up a copy of hf's rootkit while your there... ... FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... WLAN by understanding these threats, ...
      (Pen-Test)
    • RE: AD password Auditing
      ... Subject: AD password Auditing ... > FREE WHITE PAPER - Wireless LAN Security: ... Defend your WLAN against ... FREE WHITE PAPER - Wireless LAN Security: ...
      (Pen-Test)
    • RE: AD password Auditing
      ... FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... WLAN by understanding these threats, available hacking tools and proven ...
      (Pen-Test)
    • Re: Handling Sysads resignation/termination
      ... FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... WLAN by understanding these threats, ... Switch to Netscape Internet Service. ...
      (Pen-Test)
    • RE: Handling Sysads resignation/termination
      ... when an administrator behaves badly, ... >FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't ... >WLAN by understanding these threats, ...
      (Pen-Test)