RE: Hacking and Building Web Applications


Thanks. How about trying Xmapp and Damn Vulnerable Web Application and
testing them? I came to know about this from someone. Also is OWASP the
best methodology to follow?

Regards,

Balaji Swaminathan .M



-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of J. Bakshi
Sent: Tuesday, January 05, 2010 6:14 AM
To: Swaminathan, Balaji
Cc: pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: Hacking and Building Web Applications

On Mon, 4 Jan 2010 20:46:40 +0530
"Swaminathan, Balaji" <Balaji.Swaminathan@xxxxxxxxxxxxxx> wrote:

<snip>
Hi all,

Just started learning abt penetrating Web applications since last 1
month which is going to be my part of job shortly. To start with, I am
basically not from the programming background. So spending time in
learning them starting with Javascript, ASP, SQL, PHP etc (assuming

Testing and Hacking Methodologies (similar to OWASP, SANS etc)

</snip>

- To check the webserevr for security hole you can use nikto
- To check the server for hole you can use openvas
- Try bcktrack distro.

Thanks


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Relevant Pages

  • RE: So long and thanks a bunch!
    ... Information Assurance Certification Review ... actually do a proper penetration test. ... IACRB CPT and CEPT certs require ...
    (Pen-Test)
  • Re: web application scanner question
    ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Pentest exams
    ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Evaluating pentesters
    ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Tools for pen-test
    ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)