WebApp Sec mailing list archives
Re: Any special tool for testing a web chat application?
From: Irene Abezgauz <irene.abezgauz () gmail com>
Date: Thu, 5 Feb 2009 13:07:40 +0100
Barry - are there specific problems you are encountering? If you provide more information it may be easier to help. Other than that I agree with Rogan, the proxy intercepting a lot of spam is usually the biggest annoyance in applications that are alive and constantly updating. Paros also has a configurable intercept filter which you can easily use to solve that one. Irene
On Thu, Feb 5, 2009 at 9:56 AM, Rogan Dawes <lists () dawes za net> wrote:Barry Archer wrote:I need to test a web chat application. I was wondering if there's any recommendations on a special tool and/or approach that might be the best. Right now I'm looking at: Nessus A full web application scanner (HP/SPI,AppsScan,or Cenzic) A proxy for manual testing (WebScarab, Paros, etc) Sorry if this is a silly question, but chat seems like it's smaller in scope but harder for that initial automated scan. Thanks BaFor what it is worth, when testing AJAXy web apps, you probably want to use a scriptable proxy, as you would otherwise be hammered with intercepts every time the script polls for an update. WebScarab supports using BeanShell (or, with a bit of work, your BSF-supported language of choice) to automatically make whatever modifications you choose. Regards, Rogan ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- Any special tool for testing a web chat application? Barry Archer (Feb 05)
- Re: Any special tool for testing a web chat application? Rogan Dawes (Feb 05)
- Message not available
- Re: Any special tool for testing a web chat application? Irene Abezgauz (Feb 05)
- Re: Any special tool for testing a web chat application? Rogan Dawes (Feb 05)
- Re: Any special tool for testing a web chat application? Barry Archer (Feb 05)
- Re: Any special tool for testing a web chat application? Steve Pinkham (Feb 06)
- Message not available
- Re: Any special tool for testing a web chat application? Rogan Dawes (Feb 05)
- <Possible follow-ups>
- Re: Any special tool for testing a web chat application? K (Feb 05)