Penetration Testing mailing list archives
Re: WebServices Testing
From: "mailing lists" <bofn () irq org>
Date: Sun, 08 Oct 2006 12:30:10 +0200
*This message was transferred with a trial version of CommuniGate(tm) Pro* On Sat, 7 Oct 2006 08:50:11 -0700 (PDT) Shahin Ansari <zohal52 () yahoo com> wrote:
Hi Where would you say one can learn more about this profession ethically? How and what
tools should they use? Also do you know where I can get GCIH? I know you do not approve, but I am new.
Sean
i've read the first chapters some of the sold as Best certification course books, and found too many mistakes, false assumptions and bad logic in them. they look like 'cut, alter & paste' work from the Orange Book from the mid 80's, or a stack of random articles. my advice would be, First learn how things work, before you read books and articles on how to 'break' them. if you dont know how the HTTP protocol works with all its funky commands and options, then you can only repeat the few tricks, and will not see a lot of the the site specific issues. automated tests are a nice tool to speed up things, but no replacement for eyes, brain and keyboard. Cheers *Anna -- "The power of accurate observation is frequently called cynicism by those who don't have it." ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- WebServices Testing dallas jordan (Oct 05)
- Re: WebServices Testing mailing lists (Oct 05)
- RE: WebServices Testing Paul Melson (Oct 06)
- Re: WebServices Testing Jamie Riden (Oct 06)
- Re: WebServices Testing Joseph McCray (Oct 06)
- <Possible follow-ups>
- Re: WebServices Testing revnic (Oct 06)
- Re: WebServices Testing mailing lists (Oct 08)
- Re: WebServices Testing mailing lists (Oct 08)
- RE: WebServices Testing Paul Melson (Oct 09)
- Re: WebServices Testing mailing lists (Oct 05)