PaulDotCom mailing list archives
Re: SharePoint Auditing
From: "S. R. White" <swprofile () yahoo com>
Date: Thu, 24 Mar 2011 11:15:06 -0700 (PDT)
Hi Ian, From a penetration testing perspective, information (and a tool or two) for testing (mostly permissions and URL access) can be found at http://www.stachliu.com/resources/tools/sharepoint-hacking-diggity-project/ I would suggest viewing the following presentation before digging into the tools as well: http://www.stachliu.com/wp-content/uploads/2011/02/ISSA-Phx-SharePoint_Security-05_Oct_2010.pdf In this presentation there are some security related tools/web parts you can install and use to check for issues as well. (See slide 28, http://sushi.codeplex.com/, and some others mixed in there...) Hope this helps... Scott ________________________________ From: "Allison, Ian" <Ian.C.Allison () am sony com> To: "pauldotcom () mail pauldotcom com" <pauldotcom () pdc-mail pauldotcom com> Sent: Thu, March 24, 2011 9:47:22 AM Subject: [Pauldotcom] SharePoint Auditing I am going to be starting a security review that also covers a SharePoint installation. I have a few decent resources and will be using Sharepoint Regex Search to search for “interesting” data. I have gone over the Microsoft SharePoint security document and it does an ok job but it is more of a planning document. Does anyone on this list have any good SharePoint security, SharePoint auditing resources or applications they have used before? Thanks, Ian
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- SharePoint Auditing Allison, Ian (Mar 24)
- Re: SharePoint Auditing S. R. White (Mar 24)
- Re: SharePoint Auditing Allison, Ian (Mar 24)
- Re: SharePoint Auditing S. R. White (Mar 24)
- Re: SharePoint Auditing S. R. White (Mar 24)