Penetration Testing mailing list archives
Re: Application Security
From: "Meenal Mukadam" <meenal.mukadam () gmail com>
Date: Wed, 9 Jul 2008 09:37:13 +0530
Hello Frederick,

To start with you could get Mozilla addons. The advantage of having these addons is that they make your life easy. (at least they made my life easy :) ) You can download addons like hackbar, access me, sql inject me, xss me, webdeveloper, Greasemonkey, foxyproxy, tamper data, Firebug, quick proxy, IP Geo-location, whois, show ip, stealther, WASP, Xpath checker, etc. These are a few good addons that'll give you the needed information on the fly.

Then there are many tools that are already mentioned by Philippe Rivest. I would like to add to that list. For port scanning angry ip scanner, super scanner, etc. Wikto which has both google hacks & Nikto's database. Acunetix & Watchfire for WebApp security. For generating a wordlist for brute forcing Brutus is an excellent tool. Webscarab is my personal favorite when I'm doing a Penetration test. Gamja, obiWAN, BiDiBLAH, sitedigger, Metasploit, viewstate decoder, blackwidow & ntoinsight are a few other tools that'll help ya.

BackTrack3 has been released. Even that could be of great help to you.

Wish you all the best....

Cheers!
Meenal A. Mukadam

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On behalf of GT GERONIMO, Frederick Joseph B.
Sent: July 7, 2008 05:12
To: pen-test () securityfocus com
Subject: Application Security

Hello,

I have been reading up on Application Security and Software Security Testing. I am interested in tools you use in detecting any security bugs in business applications, may it be a web application, a C+ GUI, or what have you.

Any opinion would be greatly appreciated.

Thanks
Fred

This e-mail message (including attachments, if any) is intended for the use of the individual or the entity to whom it is addressed and may contain information that is privileged, proprietary, confidential and exempt from disclosure. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender and delete this E-mail message immediately.

------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

--
Meenal A. Mukadam
-------------------------------------------------------------
Far away there in the sunshine are my highest aspirations. I may/may not reach them, but I can look up and see their beauty, believe in them and try to follow where they lead
-------------------------------------------------------------

Current thread:
- Application Security GT GERONIMO, Frederick Joseph B. (Jul 07)
- Re: Application Security kevin horvath (Jul 07)
- RE: Application Security Rivest, Philippe (Jul 07)
- Re: Application Security Meenal Mukadam (Jul 08)
- <Possible follow-ups>
- Re: Application Security abhishek . luck (Jul 08)