PaulDotCom mailing list archives
Steps taken During a Web App Pentest
From: irongeek at irongeek.com (Adrian Crenshaw)
Date: Mon, 8 Jun 2009 11:57:05 -0400
I don't get it, how can I use ear wax in a web app pen-test? Maybe social engineering: Give me your password or I'll leave this on your keyboard? Adrian 2009/6/8 Paul Asadoorian <paul at pauldotcom.com>
I think the most important tool is the one between your ears :) Seriously, the best web application bugs are found by using the web application, understanding what it does (preferably browse to all functionality through your favorite web app proxy like webscarab), then coming up with scenarios that might break it. Once you understand those scenarios you can find/write tools to help execute your attack. However, you may also want to use some automated tools that will find some points to start your manual testing. This is a different phase of the test, but an important one. I would use tools such as Nikto, grendel-scan, web spider, w3af, etc.. for this type of testing. Cheers, Paul infolookup at gmail.com wrote:Thanks for the feed back so far anyone else wants to state what testing framework or tools the are using preferably open source. Once I am finish the initial testing my next steps will be to lock it done, configure some sort of self sign cert for apache to use ssl instead of the native http for starters. Sent from my Verizon Wireless BlackBerry ------------------------------------------------------------------------ *From*: Johan Peder M?ller *Date*: Mon, 8 Jun 2009 15:53:49 +0200 *To*: <infolookup at gmail.com>; PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com> *Subject*: Re: [Pauldotcom] Steps taken During a Web App Pentest Hi Given your "no buget" constraint, I'd go with something like OWASP Live CD (http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project). If you have a basic understanding of how web appls work, and how to attack them this should give you a starting point. As for the completeness of scannings I can't say. I myself is in the process of evaluating. rgds Johan M?ller On Sat, Jun 6, 2009 at 8:55 PM, <infolookup at gmail.com <mailto:infolookup at gmail.com>> wrote: Hello All: I am task with doing a basic web app pentest of a server that we are about to given external users access too. Background: I work for a university no security department, no budget to hire a auditor. We are about to put one of our training servers on our DMZ this way Faculty and Staff members can access it from home for Microsoft and other application video tutorials. Since my boss is aware that I am interested in infosec I was given the green light to test the app/server and report back anything that can aid in locking it down. Question: Since there are so much tools and ways to go about this I would like to know how do others go about a web app pentest, don't have to give away any trade secrets :)-. I am just looking for an efficient way to go about this! Specs: OS: Windows 2003 running in a VMware, ESX 3.5. Application: Training package, with a bundled windows version of a LAMP setup. Acess Method: http. Thanks in advance. Sent from my Verizon Wireless BlackBerry _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com <mailto:Pauldotcom at mail.pauldotcom.com>http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ------------------------------------------------------------------------ _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090608/7e002bf4/attachment.htm
Current thread:
- Steps taken During a Web App Pentest infolookup at gmail.com (Jun 06)
- Steps taken During a Web App Pentest Johan Peder Møller (Jun 08)
- Steps taken During a Web App Pentest infolookup at gmail.com (Jun 08)
- Steps taken During a Web App Pentest Paul Asadoorian (Jun 08)
- Steps taken During a Web App Pentest Adrian Crenshaw (Jun 08)
- Steps taken During a Web App Pentest infolookup at gmail.com (Jun 08)
- Steps taken During a Web App Pentest Paul Asadoorian (Jun 08)
- Steps taken During a Web App Pentest infolookup at gmail.com (Jun 08)
- Steps taken During a Web App Pentest Johan Peder Møller (Jun 08)
- Steps taken During a Web App Pentest Michael McGrew (Jun 08)
- Steps taken During a Web App Pentest Jason Wood (Jun 08)
- Steps taken During a Web App Pentest Jody & Jennifer McCluggage (Jun 09)
- Steps taken During a Web App Pentest infolookup at gmail.com (Jun 09)
- Steps taken During a Web App Pentest Jason Wood (Jun 10)