Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: RE: Web Pen Test Honeypot

RE: Web Pen Test Honeypot

From: Paul Melson <pmelson_at_gmail.com>
Date: Fri, 11 Jul 2008 11:37:52 -0400

> What I need is a web application that has known security issues. I would
> prefer one that was intentionally written to have scanners pointed to it
> for testing the scanners.

http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
http://www.foundstone.com/us/resources/proddesc/hacmebank.htm
http://hackme.ntobjectives.com/

Be aware that most of the tools out there have been tested against these
test sites already and will find most of their vulnerabilities. It's not
really a realistic evaluation of how they will fare against your site and
its applications. But it will definitely put high-severity findings on the
report.

PaulM

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Jul 11 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos