Penetration Testing mailing list archives
Re: Web Application Tester
From: "GUsh-T" <rootz () fibertel com ar>
Date: Thu, 16 Sep 2004 02:27:03 -0300
Also depends of what kind of webapp you're pen-testing. If you have java code+MVC+struts+JSP you need a proxy to test and change de parameters into de "uri". I always thinks in plataform first and later what tools and methods to use. Nikto doesn't check SQL injections or session Steeling. You must to put hands on that. :) Salu2, GUs.- NOC Sys Operator - Network Admin at ST in .ar :) ----- Original Message ----- From: "Danux" <dan57170 () yahoo com> To: <andrew () beegads com>; <pen-test () securityfocus com> Sent: Wednesday, September 15, 2004 11:45 AM Subject: Re: Web Application Tester
You should check nikto or whisker. They are special for web environment. --- Andrew Bagrin <abagrin () gmail com> escribió:Does anyone know of an application tester similar to AppDetective thats not as hard on the pocket book? I need to pentest a web app and am looking for some tools Thanks, -- Andrew Bagrin andrew () bagrin com--------------------------------------------------------------------------
----
Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization.http://www.infosecinstitute.com/courses/ethical_hacking_training.html--------------------------------------------------------------------------
-----
_________________________________________________________ Do You Yahoo!? Información de Estados Unidos y América Latina, en Yahoo! Noticias. Visítanos en http://noticias.espanol.yahoo.com --------------------------------------------------------------------------
----
Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html --------------------------------------------------------------------------
-----
------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Web Application Tester Andrew Bagrin (Sep 14)
- Re: Web Application Tester A.R. (Sep 15)
- Re: Web Application Tester Anders Thulin (Sep 15)
- Re: Web Application Tester cbc (Sep 16)
- Re: Web Application Tester brennan stewart (Sep 16)
- Re: Web Application Tester Danux (Sep 15)
- Re: Web Application Tester Mambo Dsouza (Sep 16)
- Re: Web Application Tester GUsh-T (Sep 16)
- Re: Web Application Tester Darren Bounds (Sep 21)
- <Possible follow-ups>
- Re: Web Application Tester mkraisi (Sep 15)
- RE: Web Application Tester Hayden Searle (Sep 15)
- Re: Web Application Tester Mambo Dsouza (Sep 16)
- RE: Web Application Tester John Floyd (Sep 16)
- RE: Web Application Tester chuan.delahosseraye (Sep 16)
- RE: Web Application Tester A.R. (Sep 18)
- RE: Web Application Tester dseth (Sep 17)
- RE: Web Application Tester Bénoni MARTIN (Sep 17)
- RE: Web Application Tester Bowes, Ronald (EST) (Sep 18)
(Thread continues...)