Security Basics mailing list archives
Re: Web Application Testing
From: "Fabio Cerullo" <fcerullo () gmail com>
Date: Tue, 8 May 2007 22:21:50 +0100
Thank you very much for the feedback. It is really much appreciated. I will go after Chris suggestion (SpyDynamics) if budget allows it. Mesut, have you tried Acunetix Vulnerability Scanner? Thanks again, Fabio On 5/8/07, Chris Barber <cmbarber () gmail com> wrote:
SpyDynamics has a package that does just what you described. I have used it in the past and it works great. Infact, I used it on a COTS package that my company was thinking about using and we found a huge flaw in the way it handled userids passwords. We notified the publisher and they were non-believers until we demoed the flaw to them in person. They fixed the problem imediately, and we eventually did buy the package, after a retest with SpyDynamics' tool. Chris. On 5/8/07, Fabio Cerullo <fcerullo () gmail com> wrote: > Hello all, > > is there any guide/tool which could help someone to do a web > application security assessment? > > I mean... an automated tool that you could fire against the app. and > will give you a report or some kind of checklist to go through in > order to reinforce security. > > I remember from old days to have used Webtrends but i don't know if > there is something new in the market. > > Any help will be really appreciated. > > Thank you very much. > > Fabio >
Current thread:
- Web Application Testing Fabio Cerullo (May 08)
- Re: Web Application Testing phillip () cryptolife org (May 08)
- Re: Web Application Testing Chris Barber (May 08)
- Re: Web Application Testing Fabio Cerullo (May 08)
- Re: Web Application Testing M. Groen (May 09)
- RE: Web Application Testing Darren Webb (May 09)
- Re: Web Application Testing Fabio Cerullo (May 08)
- <Possible follow-ups>
- FW: Web Application Testing winsoc (May 10)