PaulDotCom mailing list archives
Steps taken During a Web App Pentest
From: infolookup at gmail.com (infolookup at gmail.com)
Date: Sat, 6 Jun 2009 18:55:25 +0000
Hello All:

I am tasked with doing a basic web app pentest of a server that we are about to give external users access to.

Background: I work for a university, no security department, no budget to hire an auditor. We are about to put one of our training servers on our DMZ; this way Faculty and Staff members can access it from home for Microsoft and other application video tutorials. Since my boss is aware that I am interested in infosec, I was given the green light to test the app/server and report back anything that can aid in locking it down.

Question: Since there are so many tools and ways to go about this, I would like to know how others go about a web app pentest; you don't have to give away any trade secrets :)-. I am just looking for an efficient way to go about this!

Specs:
OS: Windows 2003 running in a VMware, ESX 3.5.
Application: Training package, with a bundled Windows version of a LAMP setup.
Access Method: http.

Thanks in advance.

Sent from my Verizon Wireless BlackBerry