Home page logo
/

basics logo Security Basics mailing list archives

Re: Basic security tests for web management application
From: "Adam Pal" <pal_adam () gmx net>
Date: Thu, 17 Apr 2008 17:23:57 +0200

Hi Ishay

Maybe trying something like 
-provide wrong parameters
-guess the login mechanism and crash it
-inject the login mask
-if parameters provided with GET attack the URL
-modify the login reply (for instance using paros)
-run a dictionary attack against the login


cheers

Adam

-------- Original-Nachricht --------
Datum: Thu, 17 Apr 2008 11:58:30 +0300
Von: Ishay <ishaybs () gmail com>
An: security-basics () securityfocus com
Betreff: Basic security tests for web management application

Hello list,

Our product’s management is done via WEB application.
The first page of the WEB application is a login page.

I am wondering what basic security tests (pen tests?) I need to do and 
what tools should I use.

I will appreciate your help with it.

Thanks,
Ishay

-- 
Psssst! Schon vom neuen GMX MultiMessenger gehört?
Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]