Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Hacking and Building Web Applications
From: "Swaminathan, Balaji" <Balaji.Swaminathan () kla-tencor com>
Date: Thu, 7 Jan 2010 17:30:24 +0530


Thanks. How about trying Xmapp and Damn Vulnerable Web Application and
testing them? I came to know about this from someone. Also is OWASP the
best methodology to follow? 

Regards,

Balaji Swaminathan .M



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of J. Bakshi
Sent: Tuesday, January 05, 2010 6:14 AM
To: Swaminathan, Balaji
Cc: pen-test () securityfocus com
Subject: Re: Hacking and Building Web Applications

On Mon, 4 Jan 2010 20:46:40 +0530
"Swaminathan, Balaji" <Balaji.Swaminathan () kla-tencor com> wrote:

<snip>
Hi all,

 Just started learning abt penetrating Web applications since last 1
month which is going to be my part of job shortly. To start with, I am
basically not from the programming background. So spending time in
learning them starting with Javascript, ASP, SQL, PHP etc (assuming

Testing and Hacking Methodologies (similar to OWASP, SANS etc) 
 
</snip>

- To check the webserevr for security hole you can use nikto
- To check the server for hole you can use openvas
- Try bcktrack distro.

Thanks


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]