Security Basics mailing list archives
Re: Building a career in vulnerability detection/assessment, penetrating testing and forensics
From: psiinon <psiinon () gmail com>
Date: Tue, 3 May 2011 16:54:04 +0100
Hi Madhur, If you want to perform any penetration testing on web applications then you'll need to use an intercepting proxy. There are some excellent ones like WebScarab and Burp. However I'd recommend that you start with the OWASP Zed Attack Proxy: http://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project as its designed to be a bit friendlier to people new to pen testing. But I am biased as I'm the project lead ;) Then the best thing to do is get your hand dirty trying to break vulnerable web apps. Theres a good list of those here: http://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning/ Psiinon On Tue, May 3, 2011 at 1:41 PM, Madhur Ahuja <ahuja.madhur () gmail com> wrote:
Hi All - I am interested in building a career around security especially vulnerability detection/assessment, penetrating testing and forensics. I have 5 years of work experience in development and consulting in Microsoft technology stack and plan to pursue education in Information Security Any advice on how to progress in this field will be highly appreciated. Any tips regarding certifications, tools and procedures which I can start learning along with my course ? Thanks, Madhur ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Building a career in vulnerability detection/assessment, penetrating testing and forensics Madhur Ahuja (May 03)
- Re: Building a career in vulnerability detection/assessment, penetrating testing and forensics psiinon (May 03)
- Re: Building a career in vulnerability detection/assessment, penetrating testing and forensics Madhur Ahuja (May 03)
- RE: Building a career in vulnerability detection/assessment, penetrating testing and forensics Holger Reichert (May 03)
- Re: Building a career in vulnerability detection/assessment, penetrating testing and forensics Madhur Ahuja (May 03)
- Re: Building a career in vulnerability detection/assessment, penetrating testing and forensics Jonathan Younie (May 03)
- Re: Building a career in vulnerability detection/assessment, penetrating testing and forensics psiinon (May 03)