Penetration Testing mailing list archives
Re: [PEN-TEST] Pen-testing a website
From: Aviram Jenik <aviram () BEYONDSECURITY COM>
Date: Mon, 25 Dec 2000 19:01:58 +0200
You might want to add to your list: http://www.AutomatedScanning.com -- Aviram Jenik Beyond Security Ltd. http://www.BeyondSecurity.com http://www.AutomatedScanning.com http://www.SecuriTeam.com ----- Original Message ----- From: "Teicher, Mark" <mark.teicher () NETWORKICE COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Friday, December 22, 2000 7:22 PM Subject: Re: Pen-testing a website
http://www.qualys.com/services/index.htm http://www.atelierweb.com/pscan/index.htm http://www.hoobie.net/brutus/brutus-faq.html http://www.cerberus-infosec.co.uk/cis.shtml <-- they are now @Stake.. :( /m At 06:00 PM 12/22/00 +0530, Charles wrote:Hi I want to test out the application that my developers have made for an E-Commerce site (E-Commerce meaning transaction-enabled). Essentially to test issues like these: - Mucking around with Cookies/Session IDs to find holes - Ability to hijack sessions - URL sequencing, etc I am looking for an exhaustive list of such cases. Any links, tools, help would be appreciated. Thanks -C
Current thread:
- [PEN-TEST] Pen-testing a website Charles (Dec 22)
- Re: [PEN-TEST] Pen-testing a website Teicher, Mark (Dec 22)
- Re: [PEN-TEST] Pen-testing a website Aviram Jenik (Dec 26)
- Re: [PEN-TEST] Pen-testing a website Teicher, Mark (Dec 22)