WebApp Sec mailing list archives

RE: Guidlines for Testing Web Applications

From: "Ramirez, Manuel N (CORP, DDEMESIS)" <Manuel.Ramirez () ddemesis ge com>
Date: Thu, 20 Mar 2003 15:38:48 -0500

I'm sure some of these tools will be very useful for you. Just please don't use them against us =)
 
http://www.webhackingexposed.com/tools.html
 
The hacking web applications exposed book is a very good guide to define what you have to do with regards to security 
testing.
 
Best regards,
Manuel

        -----Mensaje original----- 
        De: Lecia McCalla [mailto:lmccalla () fsl org jm] 
        Enviado el: Jue 20/03/2003 08:28 a.m. 
        Para: webappsec () securityfocus com 
        CC: 
        Asunto: Guidlines for Testing Web Applications
        
        

        All,
        
        I am a Business Analyst/Trainer at the company where I work.  I am now
        required to assist in the testing of web applications with the focus on
        the security aspect. Where as I have experience in testing, I have no
        experience in security as it relates to web applications.  Can you help
        me?  When testing a web application with focus on security what do I
        look for?  Are there any written guidelines that I should follow?  So
        far I have been researching SSL and SQL Injections.  Any ideas?
        
        NOTE:
        I am a fast learner. :-)

Current thread:

RE: Guidlines for Testing Web Applications Nelson, Ernie (Mar 20)
- <Possible follow-ups>
- RE: Guidlines for Testing Web Applications Ramirez, Manuel N (CORP, DDEMESIS) (Mar 20)
  - Re: Guidlines for Testing Web Applications Dave Aitel (Mar 21)
- RE: Guidlines for Testing Web Applications David Endler (Mar 20)
- Re: Guidlines for Testing Web Applications Craig_Sullivan (Mar 26)