WebApp Sec mailing list archives

testing web app security


From: Michael Cunningham <crayola () optonline net>
Date: Fri, 19 Mar 2004 14:33:52 -0500

Folks, 

I am going to have to take on the task of testing software
applications my company produces as they roll through the
QA/UAT process for security concerns (can't hire anyone and software
to automate the testing seems to be very expensive). They are
mainly web-based applications with a database backend
and some custom Java and C programs. I am aware of how SQL
injection, buffer overflows, cross-site scripting, and other
security programming problems work, but I don't have a whole lot
of experience applying this knowledge to application testing.

Are there any training courses or documents/books you can
suggest that would help me learn the skills I need to
make this happen? Does anyone have a site that lists tools
(open source preferred) that I could use to help me test these
applications?

Thanks for any help you can offer, 
Mike

