Security Basics mailing list archives
Re: Testing for SQL injection or Cross Site scripting
From: Dale Stirling <dale () puredistortion com>
Date: Thu, 5 Nov 2009 22:32:10 +1100
Have a look at the SamuariWTF Live CD: http://samurai.inguardians.com Has great tools like w3af and BeEF. Well worth a look at. Also sslsniff and sslstrip by Moxie Marlinspike which are some great tools: http://www.thoughtcrime.org/software.html Also look at Mutillidae from irongeek.com (http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10) and Damn Vulnerable Web App (www.ethicalhack3r.co.uk/damn-vulnerable-web-app) as these are great testing environment for testing tools. Dale Also On Thu, Oct 8, 2009 at 2:22 AM, Fabien Vincent <fabvincent () gmail com> wrote:
Hi Scott, Firefox + XSS ME / SQL Inject Me from SecurityCompass With this kind of tools, you can add your own XSS / SQL Injection values /tests. Perhaps, you can check OWASP website, I don't remember if there's a webpage for known or useful tools. Regards, ------------------------------------------------------------------- FV On Wed, Oct 7, 2009 at 01:57, Scott Race <scott () jda-networks com> wrote:Hey everyone, Does anyone know of any free SQL injection or XSS tools to scan a single website? I checked out Acunetix and a few other tools, but they are pretty expensive. Not that I don't want to support vendors who make good tools, but this project isn't going to make much $$, so free tools are our only option if we want to scan to see where we're at. Thanks in advance! Scott ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: Re[2]: Testing for SQL injection or Cross Site scripting Stoughton, Brian F. (Nov 04)
- <Possible follow-ups>
- Re: Testing for SQL injection or Cross Site scripting Dale Stirling (Nov 09)