[Info-vax] [OT] Vulnerability code analysis?
gce at gce.com
Tue Jan 15 14:47:10 EST 2013
On Friday, January 11, 2013 8:00:28 AM UTC-5, DTL wrote:
> Hello Happy Tax Payers,
>
> Happy New Year from Geneva (I relocated)
>
> I have a Web Applications vulnerability audit to perform.
>
> I read all the stuff I found in the OWASP site, and did many Google searches.
>
> Does someone around have any recommendations to start? Or should I stick to OpenVAS, Nikto and other php code analysis tools?
>
> Thanks.
>
> DTL
>
> www.ikare.ch

There's a bootable thing called Backtrack that can be used to prod web applications if you want to use it. It contains a number of tools, though it is Linux based (bootable media).

In general there are a number of canned programs that will look for vulnerabilities - things like webinspect, appscan, nessus.... Some do better than others and all need manual inspection of "findings" to see if they are real issues. Looking for vulnerabilities with tools like proxies and so on that let you tweak HTML is more of a hand operation and requires thinking about what you see.

It is of course worth asking the developers, if they are available, about how they authenticate anyone and how the auth parts of their programs/sites work, as that is a good place to start poking. It will help you form hypotheses about what might be weak links. Ask about session cookies and so on also.

Glenn Everhart