Penetration Testing mailing list archives
RE: Infrastructure Testing for Web Applications
From: "Ory Segal" <osegal () watchfire com>
Date: Wed, 6 Sep 2006 22:10:48 +0300
Hello Paul, When you say 'infrastructure testing', do you refer to testing only platform-specific issues, such as problems in Microsoft IIS, Apache, etc..? or are you referring to testing your web application for application-layer issues (e.g. XSS, SQL Injection, etc.)? As a starting point, you can check out the following whitepaper: https://www.watchfire.com/securearea/whitepapers.aspx?id=20 ("Methodologies and Tools for Web Application Security Assessment") Good luck with the assessment, Ory Segal Watchfire -----Original Message----- From: Paul Justin [mailto:pauljustin () gmail com] Sent: Wednesday, September 06, 2006 7:25 PM Cc: pen-test () securityfocus com Subject: Infrastructure Testing for Web Applications Good evening all, We are looking at doing infrastructure testing for our company's web applications, and was wondering what sort of methodologies / tools do you all use to assist yourselves in this process? Best regards, Paul J. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- Infrastructure Testing for Web Applications Paul Justin (Sep 06)
- <Possible follow-ups>
- RE: Infrastructure Testing for Web Applications Ory Segal (Sep 07)