Penetration Testing mailing list archives
Re: Application Security
From: "kevin horvath" <kevin.horvath () gmail com>
Date: Mon, 7 Jul 2008 13:26:01 -0400
look into a proxy for web app testing such as burp proxy, paros, or webscarab. Additionally you will also find a fuzzer very useful in which burp has a very good one. There are commercial app scanners out there that are pretty good at finding the low hanging fruit such as XSS but to manually test everything you will spend most of your time in a proxy. Kevin On Mon, Jul 7, 2008 at 5:12 AM, GT GERONIMO, Frederick Joseph B. <fbgeronimo () globetel com ph> wrote:
Hello, I have been reading up on Application Security and Software Security Testing. I am interested tools you use in detecting any security bugs in business applications, may it be a web application, a C+ GUI, or what have you. Any opinion would be greatly appreciated. Thanks Fred This e-mail message (including attachments, if any) is intended for the use of the individual or the entity to whom it is addressed and may contain information that is privileged, proprietary, confidential and exempt from disclosure. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender and delete this E-mail message immediately. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Application Security GT GERONIMO, Frederick Joseph B. (Jul 07)
- Re: Application Security kevin horvath (Jul 07)
- RE: Application Security Rivest, Philippe (Jul 07)
- Re: Application Security Meenal Mukadam (Jul 08)
- <Possible follow-ups>
- Re: Application Security abhishek . luck (Jul 08)