Look into a proxy for web app testing such as Burp Proxy, Paros, or
WebScarab. Additionally, you will also find a fuzzer very useful, of
which Burp has a very good one. There are commercial app scanners out
there that are pretty good at finding the low-hanging fruit such as
XSS, but to manually test everything you will spend most of your time
in a proxy.
Kevin
On Mon, Jul 7, 2008 at 5:12 AM, GT GERONIMO, Frederick Joseph B.
<fbgeronimo_at_globetel.com.ph> wrote:
> Hello,
>
> I have been reading up on Application Security and Software Security
> Testing. I am interested in the tools you use in detecting any security bugs in
> business applications, may it be a web application, a C+ GUI, or what
> have you.
>
> Any opinion would be greatly appreciated. Thanks
>
>
> Fred
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes in
> Securing Web Applications
> Get 45 Min Video and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------
Received on Jul 07 2008