Re: Hacking and Building Web Applications
- From: Morgan Reed <morgan.s.reed@xxxxxxxxx>
- Date: Sun, 10 Jan 2010 14:47:59 +1100
On Thu, Jan 7, 2010 at 23:10, Swaminathan, Balaji
<Balaji.Swaminathan@xxxxxxxxxxxxxx> wrote:
Can you please brief me on why it is not advisable to frame and hack our own applications? Why I am concerned here is, I guess it will help me understand the code behind the logic to some moderate extent and hence and facilitates the code review process. Please advise. Also any best testing methodology look into...?
It is not advisable to hack your own applications because this will
severely limit your exposure to different kinds of vulnerabilities,
and if you are deliberately introducing exploitable bugs you will
already know where/what they are, in a real world scenario much of
your testing will be "black box".
The other benefit of using Hacme/DVL is that their bugs are cataloged
and well documented, this means you have a metric you can use to
quantify your progress.
Certainly writing a few web applications is a good way to get the
basics down with regards to HOW they work, but I wouldn't recommend
you use this as the main part of the learning process.
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- References:
- RE: Pentesting lab
- From: Swaminathan, Balaji
- RE: Pentesting lab
- From: Elliot Fernandes
- Hacking and Building Web Applications
- From: Swaminathan, Balaji
- Re: Hacking and Building Web Applications
- From: Morgan Reed
- RE: Hacking and Building Web Applications
- From: Swaminathan, Balaji
- RE: Pentesting lab
- Prev by Date: RE: Nessus, Harmful?
- Next by Date: Re: Pentesting lab
- Previous by thread: RE: Hacking and Building Web Applications
- Next by thread: Re: Hacking and Building Web Applications
- Index(es):
Relevant Pages
|
