WebApp Sec mailing list archives
Code Review for Critical Application e.g Internet banking
From: "John Greiter" <irm () iinet net au>
Date: Fri, 21 Jul 2006 23:10:38 +1000
Guys, I am thinking whether I can get a sample code or maybe a framework that demonstrate the following: - Authenticate user - How to move around between pages securely - Idle period (automatic log off), etc I am also looking for a baseline that describes the minimum or the standard requirement for critical web application e.g. Internet Banking. For instance I noticed that in most of the internet banking, the user is required to enter the password by clicking the button in the sites, I guess the reason to do such thing is to prevent key logger attack. Does anyone know where I can get such things? Thanks, GG ------------------------------------------------------------------------- Sponsored by: Watchfire AppScan 6.5 is now available! New features for Web Services Testing, Advanced Automated Capabilities for Penetration Testers, PCI Compliance Reporting, Token Analysis, Authentication testing, Automated JavaScript execution and much more. Download a Free Trial of AppScan today! https://www.watchfire.com/securearea/appscancamp.aspx?id=70150000000CYkc -------------------------------------------------------------------------
Current thread:
- Code Review for Critical Application e.g Internet banking John Greiter (Jul 21)
- RE: Code Review for Critical Application e.g Internet banking Andrew Chong (Jul 21)
- <Possible follow-ups>
- Re: Code Review for Critical Application e.g Internet banking mike (Jul 22)