Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Urgent - Web Applications Auditing

From: bugtraq () cgisecurity net
Date: Thu, 21 Feb 2008 17:52:19 -0500 (EST)
Check out the WASC Threat Classification Document. It has a good rundown of the types
of attacks as well as examples and links to further reading on each.

http://www.webappsec.org/projects/threat/

- Robert
http://www.cgisecurity.com/
http://www.qasec.com/
http://www.webappsec.org/



Hi Everybody,

I will performed an audit for web applications (XSS on GET/POST  
method, Path transversal, etc...). Do you have some documents on how  
perform it correctly, methodology, examples of reporting, etc. ?

Thanks a lot in advance for your help,


mih4ke

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: