Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: WAF Testing..suggestions??

From: Dotzero <dotzero () gmail com>
Date: Fri, 27 Aug 2010 15:59:57 -0400
Try waffit - http://code.google.com/p/waffit/source/checkout

On Mon, Aug 23, 2010 at 11:16 AM, false <jctx09 () yahoo com> wrote:

I need to test my WAF. I want to set up a simple network in the lab like this:
XP or Linux client <--> WAF <--> Honeypot/test webserver

1) Does anyone have any suggestions on what I can use to simulate/generate attacks/suspicous traffic towards the 
weberver from my client?

2) Is there a honeypot image out there that I can download that would be good to be the role of my test
webserver?

Any suggestions or ideas are very much appreciated.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: