Penetration Testing mailing list archives
RE: OWASP Top 10 penetration testing software?
From: "Adam Behnke" <adam () infosecinstitute com>
Date: Mon, 5 Mar 2012 11:46:05 -0600
You may want to check out this, it is a summary of each of the OWASP Top 10, as well as a open source tool you can use to test for it: http://resources.infosecinstitute.com/owasp-top-10-tools-and-tactics/ -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of psiinon Sent: Monday, March 05, 2012 5:17 AM To: Zaki Akhmad Cc: pen-test () securityfocus com Subject: Re: OWASP Top 10 penetration testing software? Hi Zaki, I this case I was refering to automated scanners, which wont detect everything :) Yes, penetration testing can find things like insecure cryptographic storage. However to be sure you really need to have access to the servers (esp databases) and the source code. Cheers, Simon ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: OWASP Top 10 penetration testing software? Zaki Akhmad (Mar 05)
- Re: OWASP Top 10 penetration testing software? psiinon (Mar 05)
- RE: OWASP Top 10 penetration testing software? Adam Behnke (Mar 05)
- Re: OWASP Top 10 penetration testing software? psiinon (Mar 05)