WebApp Sec mailing list archives
Re: testing web app security
From: Ivan Ristic <ivanr () webkreator com>
Date: Sat, 20 Mar 2004 20:00:45 +0000
Are there any training courses or documents/books you can suggest that would help me learn the skills I need to make this happen? Does anyone have a site that lists tools (open source preferred) That I could use to help me test these applications?
There's a resource/link database on the ModSecurity web site: http://www.modsecurity.org/db/resources/ I am still adding content to it but there are many useful links already. In time, the resource database will be enhanced to allow any registered user to contribute. One paper will be of special interest to you: Application Assessment Questioning http://www.technicalinfo.net/papers/AssessmentQuestions.html And this book, very useful: HackNotes Web Security Pocket Reference http://www.amazon.com/exec/obidos/tg/detail/-/0072227842/ -- ModSecurity (http://www.modsecurity.org) [ Open source IDS for Web applications ]
Current thread:
- testing web app security Michael Cunningham (Mar 19)
- Re: testing web app security A.D. Douma (Mar 19)
- Re: testing web app security Ivan Ristic (Mar 20)
- Re: testing web app security Felipe Moniz de Aragao (Mar 19)
- RE: testing web app security Mark Curphey (Mar 19)
- Re: testing web app security Steve Suehring (Mar 19)
- <Possible follow-ups>
- RE: testing web app security Weiler, Jim (Mar 31)
- Re: testing web app security A.D. Douma (Mar 19)