Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mastercard SDP compliance testing.

From: nurifattah () gmail com
Date: 23 Aug 2006 07:29:27 -0000
a few things I can advise you on:

1) make sure you have someone to test during the night. If i remember correctly we had 24 hours to test everything, so 
you should have someone there to test through the night as well as in the day

2) Make sure your findings (in the report) are backed up with the correct CVE's and BID's.

3) Its a pretty easy test to do, and you should be comfortable with exploiting xss, sql, oracle as well as others.

good luck

Nuri

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: