Penetration Testing mailing list archives
Re: WebService pentest tool on
From: wing.hon.loke () sg pwc com
Date: Mon, 23 Jun 2003 17:52:50 +0800
Dear all,
Anyone knows whether there are any practical restriction on the use of Web
application open sources tools such as nikto, nessus,whisker, Achilles,
WebProxy, Exodus, SPIKE, etc in testing a Japanese or Chinese Web servers?
For example, would
the system paths for the files be different and probably not in english. In
that case, how would a tool detect
for example the presence of vulnerability scripts?
Do you need a Japanese/Chinese version of WebInspect and AppScan to test
out a web application?
Regards,
Wing Hon
"Kevin Spett"
<kspett@spidynami To: "raymond" <ip_raymond () yahoo com>, <pen-test ()
securityfocus com>
cs.com> cc:
Subject: Re: WebService pentest tool
01/05/2003 10:56
PM
The latest version of WebInspect (http://www.spidynamics.com/product.html)
includes the ability to audit web services. It can be used for both
automated scanning and manual request manipulation.
Kevin Spett
SPI Labs
http://www.spidynamics.com/
----- Original Message -----
From: "raymond" <ip_raymond () yahoo com>
To: <pen-test () securityfocus com>
Sent: Wednesday, April 30, 2003 2:56 AM
Subject: WebService pentest tool
Hi, I am on the way to complete to build a WebService using SunWebService Package. Do anyone hv the experience and tools to pentest the WebService ? Many thanks, Raymond. __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com
-------------------------------------------------------------------------- -
Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test
-------------------------------------------------------------------------- --
--------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ---------------------------------------------------------------------------- _________________________________________________________________ The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. --------------------------------------------------------------------------- Latest attack techniques. You're a pen tester, but is google.com still your R&D team? Now you can get trustworthy commercial-grade exploits and the latest techniques from a world-class research group. Visit us at: www.coresecurity.com/promos/sf_ept1 or call 617-399-6980 ----------------------------------------------------------------------------
Current thread:
- Re: WebService pentest tool on wing . hon . loke (Jun 23)