Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Web Pen Test Honeypot

Re: Web Pen Test Honeypot

From: Thanasis Kostopoulos <a.kostopoulos_at_gmail.com>
Date: Sat, 12 Jul 2008 15:18:48 +0200

Jeff Robertson wrote:
> Surely you mean WebGoat?
>
> On Fri, Jul 11, 2008 at 9:13 AM, Thanasis Kostopoulos
> <a.kostopoulos_at_gmail.com> wrote:
>
>> OWASPs WebScarab
>>
>> On Tue, Jul 8, 2008 at 11:39 PM, John Evans <admin_at_kilnar.com> wrote:
>>
>>> Greetings,
>>>
>>> I am in the middle of evaluating the wide variety of web security
>>> pen-test tools that exist. I'm currently pointing each piece of software
>>> to a site that I have written. None of the tools are finding issues.
>>>
>>> My task right now is to find the right tool for the job, and the job is
>>> finding web-based security issues. Either the tools are not working, or
>>> my site is secure. I'm not willing to put money on which of the two is
>>> true. :)
>>>
>>> What I need is a web application that has known security issues. I would
>>> prefer one that was intentionally written to have scanners pointed to it
>>> for testing the scanners.
>>>
>>> Does such a thing exist? I hope so, because I hardly have time right now
>>> to write even the simplest web application that has all of the various
>>> holes that I need to test for.
>>>
>>> If someone could point me to a "web honeypot" that I could install in my
>>> own environment I would appreciate it.
>>>
>>> Thanks.
>>>
>>>
>>> --
>>> John Evans
>>> Administrator of kilnar.com
>>>
>>> -------------------------------------------------------------------------
>>> Sponsored by: Watchfire Methodologies & Tools for Web Application Security
>>> Assessment With the rapid rise in the number and types of security threats,
>>> web application security assessments should be considered a crucial phase in
>>> the development of any web application. What methodology should be followed?
>>> What tools can accelerate the assessment process? Download this Whitepaper
>>> today!
>>> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
>>> -------------------------------------------------------------------------
>>>
>>>
>>>
>> -------------------------------------------------------------------------
>> Sponsored by: Watchfire
>> Methodologies & Tools for Web Application Security Assessment
>> With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
>>
>> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
>> -------------------------------------------------------------------------
>>
>>
>>
>
>
Indeed :)
Sorry that was a hasty post :)

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Jul 15 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos