Home page logo
/

basics logo Security Basics mailing list archives

Re: Testing for SQL injection or Cross Site scripting
From: Dale Stirling <dale () puredistortion com>
Date: Thu, 5 Nov 2009 22:32:10 +1100

Have a look at the SamuariWTF Live CD:
http://samurai.inguardians.com

Has great tools like w3af and BeEF. Well worth a look at.

Also sslsniff and sslstrip by Moxie Marlinspike which are some great tools:
http://www.thoughtcrime.org/software.html

Also look at Mutillidae from irongeek.com
(http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10)
and Damn Vulnerable Web App
(www.ethicalhack3r.co.uk/damn-vulnerable-web-app) as these are great
testing environment for testing tools.

Dale

Also

On Thu, Oct 8, 2009 at 2:22 AM, Fabien Vincent <fabvincent () gmail com> wrote:
Hi Scott,

Firefox + XSS ME / SQL Inject Me from SecurityCompass

With this kind of tools, you can add your own XSS / SQL Injection values /tests.

Perhaps, you can check OWASP website, I don't remember if there's a
webpage for known or useful tools.

Regards,

-------------------------------------------------------------------
FV



On Wed, Oct 7, 2009 at 01:57, Scott Race <scott () jda-networks com> wrote:
Hey everyone,
Does anyone know of any free SQL injection or XSS tools to scan a single
website?  I checked out Acunetix and a few other tools, but they are
pretty expensive.  Not that I don't want to support vendors who make
good tools, but this project isn't going to make much $$, so free tools
are our only option if we want to scan to see where we're at.

Thanks in advance!



Scott

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]