I don't get it, how can I use ear wax in a web app pen-test? Maybe social engineering: Give me your password or I'll leave this on your keyboard?
Adrian

2009/6/8 Paul Asadoorian <[email protected]>:
> I think the most important tool is the one between your ears :)
>
> Seriously, the best web application bugs are found by using the web
> application, understanding what it does (preferably browse to all
> functionality through your favorite web app proxy like WebScarab), then
> coming up with scenarios that might break it. Once you understand those
> scenarios you can find/write tools to help execute your attack.
>
> However, you may also want to use some automated tools that will find
> some points to start your manual testing. This is a different phase of
> the test, but an important one. I would use tools such as Nikto,
> grendel-scan, web spider, w3af, etc. for this type of testing.
>
> Cheers,
> Paul
>
> [email protected] wrote:
> > Thanks for the feedback so far. Anyone else want to state what testing
> > framework or tools they are using, preferably open source?
> >
> > Once I finish the initial testing my next steps will be to lock it
> > down, configure some sort of self-signed cert for Apache to use SSL
> > instead of the native HTTP for starters.
> >
> > Sent from my Verizon Wireless BlackBerry
> >
> > ------------------------------------------------------------------------
> > *From*: Johan Peder Møller
> > *Date*: Mon, 8 Jun 2009 15:53:49 +0200
> > *To*: <[email protected]>; PaulDotCom Security Weekly Mailing List <[email protected]>
> > *Subject*: Re: [Pauldotcom] Steps taken During a Web App Pentest
> >
> > Hi
> >
> > Given your "no budget" constraint, I'd go with something like OWASP Live
> > CD (http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project).
> >
> > If you have a basic understanding of how web apps work, and how to
> > attack them, this should give you a starting point. As for the
> > completeness of scanning I can't say. I myself am in the process of
> > evaluating.
> >
> > rgds
> > Johan Møller
> >
> >
> > On Sat, Jun 6, 2009 at 8:55 PM, <[email protected]> wrote:
> >
> >     Hello All:
> >
> >     I am tasked with doing a basic web app pentest of a server that we are
> >     about to give external users access to.
> >
> >     Background:
> >
> >     I work for a university: no security department, no budget to hire an
> >     auditor.
> >
> >     We are about to put one of our training servers on our DMZ; this way
> >     Faculty and Staff members can access it from home for Microsoft and
> >     other application video tutorials.
> >
> >     Since my boss is aware that I am interested in infosec I was given
> >     the green light to test the app/server and report back anything that
> >     can aid in locking it down.
> >
> >     Question:
> >
> >     Since there are so many tools and ways to go about this I would like
> >     to know how others go about a web app pentest; you don't have to give
> >     away any trade secrets :)-.
> >
> >     I am just looking for an efficient way to go about this!
> >
> >     Specs:
> >
> >     OS: Windows 2003 running in VMware ESX 3.5.
> >
> >     Application: Training package, with a bundled Windows version of a
> >     LAMP setup.
> >
> >     Access Method: HTTP.
> >
> >     Thanks in advance.
> >
> >     Sent from my Verizon Wireless BlackBerry
>
> --
> Paul Asadoorian
> PaulDotCom Enterprises
> Web: http://pauldotcom.com
> Phone: 401.829.9552
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
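The original poster's planned lock-down step (a self-signed certificate so Apache serves the training app over HTTPS instead of plain HTTP) is only named in the thread, not shown. The script below is an added example, not code from any list member: it generates the key pair and certificate with OpenSSL, checks that the key and certificate actually belong together (a common deployment slip), and writes a minimal Apache 2.4 vhost pair that redirects port 80 to HTTPS. The hostname `training.example.edu`, the output directory and the vhost file name are placeholders; `Header` requires mod_headers and `SSLEngine` requires mod_ssl to be loaded.

```shell
#!/bin/sh
# Added example (not from the thread): self-signed cert + Apache HTTPS vhost.
# Hostname, paths and file names below are assumed placeholders.
set -eu

# gen_selfsigned_cert HOST OUTDIR
# Writes OUTDIR/server.key (owner-readable only) and OUTDIR/server.crt.
# The SAN extension matters: browsers no longer trust a CN-only certificate.
gen_selfsigned_cert() {
    host="$1"; outdir="$2"
    mkdir -p "$outdir"
    umask 077   # private key must not be world-readable
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
        -subj "/CN=$host" \
        -addext "subjectAltName=DNS:$host" \
        -keyout "$outdir/server.key" -out "$outdir/server.crt" 2>/dev/null
    umask 022
    chmod 644 "$outdir/server.crt"   # the certificate itself is public
}

# cert_matches_key CERT KEY
# Exits 0 only if the public key inside CERT equals the public half of KEY.
cert_matches_key() {
    c=$(openssl x509 -noout -pubkey -in "$1" | openssl sha256)
    k=$(openssl pkey -pubout -in "$2" 2>/dev/null | openssl sha256)
    [ "$c" = "$k" ]
}

# write_apache_ssl_vhost HOST CERTDIR OUTFILE
# Port 80 only redirects; port 443 serves TLS 1.2+ with HSTS enabled.
write_apache_ssl_vhost() {
    host="$1"; certdir="$2"; outfile="$3"
    cat > "$outfile" <<EOF
<VirtualHost *:80>
    ServerName $host
    # Every plain-HTTP request is sent to the HTTPS site
    Redirect permanent / https://$host/
</VirtualHost>

<VirtualHost *:443>
    ServerName $host
    SSLEngine on
    SSLCertificateFile    $certdir/server.crt
    SSLCertificateKeyFile $certdir/server.key
    # Drop SSLv3 and TLS 1.0/1.1; SSLv2 is already gone from Apache 2.4
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    # Tell browsers to stay on HTTPS for a year (needs mod_headers)
    Header always set Strict-Transport-Security "max-age=31536000"
</VirtualHost>
EOF
}

# Demo run on a throwaway directory (constructed sample, not a real deployment)
DEMO_DIR=$(mktemp -d)
gen_selfsigned_cert training.example.edu "$DEMO_DIR"
write_apache_ssl_vhost training.example.edu "$DEMO_DIR" "$DEMO_DIR/training-ssl.conf"
if cert_matches_key "$DEMO_DIR/server.crt" "$DEMO_DIR/server.key"; then
    echo "key pair OK"
fi
openssl x509 -noout -subject -dates -in "$DEMO_DIR/server.crt"
```

A self-signed certificate still leaves users with a browser warning they must click through, so for a server that faculty reach from home the next step is a certificate from a CA the campus browsers already trust; the vhost above needs no change for that beyond swapping the two file paths.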
