Hi to all @securityfocus
I am on look out for some solutions to automate and imrove pentesting
setup of mine, i use an array of tools & alot of internal domains to
test atleast 10000 of them. I use SSS, Appscan etc for that.
I had a logical solution to make things simple by developing an API so
that i can run tools like
pentest -sss.exe -appscan.exe --www.targetsite.com /all options... or
something like that
I would like to get help on topics
a) some API's that are available for sss (related documentations)
b) some API for appscan (or related documentations)
c) some peek into tools that can sniff queries done from core of
these testing tools to the kernel (so that i can duplicate the
replies)
This is just a research level discussion. Please reply with your
valuable suggestions.
thanx for your time..
--
Vivek P Nair
Vice President, Technology
ASG
www.vivekpnair.co.nr
iamherevivek_at_gmail.com
vivek.p.nair_at_appingroup.com
d3_at_d Br_at_iN
"i thought i would change the world, But they wouldnt gimme the source Code !!"
-------------------------------------------------------------------------
Sponsored by: Watchfire
The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious attacks. This
whitepaper identifies the most common methods of attacks that we have seen,
and outlines a guideline for developing secure web applications.
Download today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008rSe
--------------------------------------------------------------------------
Received on May 25 2007
Intro
