Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

RE: Code Review for Critical Application e.g Internet banking
From: "Andrew Chong" <andrewjw () singnet com sg>
Date: Fri, 21 Jul 2006 22:44:50 +0800

http://www.owasp.org/

Regards,

Andrew Chong (Singapore), cissp

-----Original Message-----
From: John Greiter [mailto:irm () iinet net au] 
Sent: Friday, July 21, 2006 9:11 PM
To: webappsec () securityfocus com
Subject: Code Review for Critical Application e.g Internet banking



Guys, 
 
I am thinking whether I can get a sample code or maybe a framework that
demonstrate the following:
- Authenticate user 
- How to move around between pages securely
- Idle period (automatic log off), etc
 
I am also looking for a baseline that describes the minimum or the
standard requirement for critical web application e.g. Internet Banking.
For instance I noticed that in most of the internet banking, the user is
required to enter the password by clicking the button in the sites, I
guess the reason to do such thing is to prevent key logger attack. 
 
Does anyone know where I can get such things? 
 
Thanks,
 
GG

------------------------------------------------------------------------
-
Sponsored by: Watchfire

AppScan 6.5 is now available! New features for Web Services Testing, 
Advanced Automated Capabilities for Penetration Testers, PCI Compliance 
Reporting, Token Analysis, Authentication testing, Automated JavaScript 
execution and much more. 
Download a Free Trial of AppScan today!

https://www.watchfire.com/securearea/appscancamp.aspx?id=70150000000CYkc
------------------------------------------------------------------------
-

-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.3/394 - Release Date:
7/20/2006
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.394 / Virus Database: 268.10.3/394 - Release Date:
7/20/2006
 


-------------------------------------------------------------------------
Sponsored by: Watchfire

AppScan 6.5 is now available! New features for Web Services Testing, 
Advanced Automated Capabilities for Penetration Testers, PCI Compliance 
Reporting, Token Analysis, Authentication testing, Automated JavaScript 
execution and much more. 
Download a Free Trial of AppScan today!

https://www.watchfire.com/securearea/appscancamp.aspx?id=70150000000CYkc
-------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]