Penetration Testing mailing list archives
RE: Required Help on Automated Tools
From: "Bhalla, Nishchal" <Nish () SECURITYCOMPASS COM>
Date: Wed, 15 Oct 2008 13:46:02 -0500
We at security compass just released an updated verion of some of our Exploit me plugins for firefox (XSSMe, SQLInjectMe, AccessMe). They are all FF3 compatible and are available for download either through our site (http://securitycompass.com/exploitme.shtml ) or through the addons' site (https://addons.mozilla.org/en-US/firefox/search?q=&cat=1,12&show=20&page=10). Let me know if you face any issues with these tools. They are pretty straight forward to use. Nish. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Leverett, Eireann (GE Infra, Energy) Sent: Wednesday, October 15, 2008 6:03 AM To: pen-test () securityfocus com Subject: RE: Required Help on Automated Tools Noxious, SQL-Injection and XSS can be tested with ServiceTest by HP/Mercury. You will still need to write some aspects of the scripts yourself, but much of the basic overhead is done for you, assuming your webservices have WSDLs defined and you can get at them. Essentially, I would recommend this tool for source-code assisted/white box testing. If you are looking for a black box testing tool (which I suspect you are), use something else. Éireann Leverett CSSA -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Vin Oxious Sent: 14 October 2008 19:33 To: pen-test () securityfocus com Subject: Required Help on Automated Tools Hello Everyone, Greetings !! ..Can you please list me some tools that would allow automated testing of the below ... ( while I have already got a few tools .. just wanted to know if there are some good ones ) .. SQL Injection - XSS - Improper Session Management - URL Access - Direct Object Reference - regards, Noxious ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Re: Required Help on Automated Tools, (continued)
- Re: Required Help on Automated Tools Christian Martorella (Oct 15)
- Re: Required Help on Automated Tools Matt - MRS Security (Oct 15)
- Re: Required Help on Automated Tools Dharmendra T (Oct 16)
- RE: Required Help on Automated Tools Prodigi Child (Oct 16)
- Re: Required Help on Automated Tools Marian Rudzynski (Oct 16)
- Re: Required Help on Automated Tools Omar Herrera (Oct 16)
- Re: Required Help on Automated Tools Taufiq Ali (Oct 17)
- Re: Required Help on Automated Tools Dharmendra T (Oct 16)
- Re: Required Help on Automated Tools nnp (Oct 15)
- Re: Required Help on Automated Tools Taufiq Ali (Oct 16)
- RE: Required Help on Automated Tools Leverett, Eireann (GE Infra, Energy) (Oct 15)
- RE: Required Help on Automated Tools Bhalla, Nishchal (Oct 15)