SlideShare a Scribd company logo

Security testing addons

Deepu S Nath
Deepu S Nath
Technology
1 of 6
Download to read offline
Essential Security Testing Addons Sreenath
3 Essential Security Add-ons for Devs v HackSearch v XSS Me v SQL inject Me
HackSearch v  Unwanted pages crawled by Google bot v  Backlinks v  Exposed Data v  Exposed FilesExposed Emails v  Whois v  DNS (Health and Information) v  Antivirus site approval v  Builtwith Technologies
XSSMe v  XSS-Me is the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS). It does NOT currently test for stored XSS.rnrn v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an XSS attack.rnrn. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. v  There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.rnrn v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
SQL Inject Me v  SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities. v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack. v  The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool. v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
Thank you

Recommended

No sql injection in meteor.js application
No sql injection in meteor.js applicationNo sql injection in meteor.js application
No sql injection in meteor.js applicationDesignveloper
 
Is word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsIs word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsssusercc9654
 
Sifting through twitter
Sifting through twitterSifting through twitter
Sifting through twittervolvent
 
Coffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlCoffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlDeepu S Nath
 
Cross Device UI Designing
Cross Device UI DesigningCross Device UI Designing
Cross Device UI DesigningDeepu S Nath
 
Getting ready for the cloud iaa s
Getting ready for the cloud iaa sGetting ready for the cloud iaa s
Getting ready for the cloud iaa sDeepu S Nath
 
Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Deepu S Nath
 
Tech bites
Tech bitesTech bites
Tech bitesDeepu S Nath
 

Recommended

No sql injection in meteor.js application
No sql injection in meteor.js applicationNo sql injection in meteor.js application
No sql injection in meteor.js applicationDesignveloper
 
Is word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsIs word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsssusercc9654
 
Sifting through twitter
Sifting through twitterSifting through twitter
Sifting through twittervolvent
 
Coffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlCoffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlDeepu S Nath
 
Cross Device UI Designing
Cross Device UI DesigningCross Device UI Designing
Cross Device UI DesigningDeepu S Nath
 
Getting ready for the cloud iaa s
Getting ready for the cloud iaa sGetting ready for the cloud iaa s
Getting ready for the cloud iaa sDeepu S Nath
 
Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Deepu S Nath
 
Tech bites
Tech bitesTech bites
Tech bitesDeepu S Nath
 
Exploring Node.jS
Exploring Node.jSExploring Node.jS
Exploring Node.jSDeepu S Nath
 
Saa s
Saa sSaa s
Saa sDeepu S Nath
 
Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanFront end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanDeepu S Nath
 
SEO For Developers
SEO For DevelopersSEO For Developers
SEO For DevelopersDeepu S Nath
 
Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Deepu S Nath
 
Advanced visualization
Advanced visualizationAdvanced visualization
Advanced visualizationDeepu S Nath
 
Coffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesCoffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesDeepu S Nath
 
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...Deepu S Nath
 
Microsoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveMicrosoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveDeepu S Nath
 
Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Webandres1422
 
T04505103106
T04505103106T04505103106
T04505103106IJERA Editor
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingInMobi Technology
 
FORENSIC PRESTTN
FORENSIC PRESTTNFORENSIC PRESTTN
FORENSIC PRESTTNRufa'i Mustapha
 
Xss 101
Xss 101Xss 101
Xss 101n|u - The Open Security Community
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxAjayKumar73315
 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSSMike Crabb
 
04. xss and encoding
04. xss and encoding04. xss and encoding
04. xss and encodingEoin Keary
 
ieee
ieeeieee
ieeeRadheshyam Dhakad
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
vulnerability scanning and reporting tool
vulnerability scanning and reporting toolvulnerability scanning and reporting tool
vulnerability scanning and reporting toolBhagyashri Chalakh
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionVishal Kumar
 

More Related Content

Viewers also liked

Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanFront end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanDeepu S Nath
 
SEO For Developers
SEO For DevelopersSEO For Developers
SEO For DevelopersDeepu S Nath
 
Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Deepu S Nath
 
Advanced visualization
Advanced visualizationAdvanced visualization
Advanced visualizationDeepu S Nath
 
Coffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesCoffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesDeepu S Nath
 
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...Deepu S Nath
 
Microsoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveMicrosoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveDeepu S Nath
 

Viewers also liked (9)

Exploring Node.jS
Exploring Node.jSExploring Node.jS
Exploring Node.jS
 
Saa s
Saa sSaa s
Saa s
 
Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanFront end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
 
SEO For Developers
SEO For DevelopersSEO For Developers
SEO For Developers
 
Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016
 
Advanced visualization
Advanced visualizationAdvanced visualization
Advanced visualization
 
Coffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesCoffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 properties
 
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
 
Microsoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveMicrosoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing Perspective
 

Similar to Security testing addons

Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Webandres1422
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingInMobi Technology
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxAjayKumar73315
 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSSMike Crabb
 
04. xss and encoding
04. xss and encoding04. xss and encoding
04. xss and encodingEoin Keary
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
vulnerability scanning and reporting tool
vulnerability scanning and reporting toolvulnerability scanning and reporting tool
vulnerability scanning and reporting toolBhagyashri Chalakh
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionVishal Kumar
 
xss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdfxss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdfyashvirsingh48
 
Attackers Vs Programmers
Attackers Vs ProgrammersAttackers Vs Programmers
Attackers Vs Programmersrobin_bene
 
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Yuji Kosuga
 
AtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny WyattAtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny WyattAtlassian
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingPriyanka Aash
 
香港六合彩
香港六合彩香港六合彩
香港六合彩baoyin
 

Similar to Security testing addons (20)

Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Web
 
T04505103106
T04505103106T04505103106
T04505103106
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site Scripting
 
FORENSIC PRESTTN
FORENSIC PRESTTNFORENSIC PRESTTN
FORENSIC PRESTTN
 
Xss 101
Xss 101Xss 101
Xss 101
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthan
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptx
 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSS
 
04. xss and encoding
04. xss and encoding04. xss and encoding
04. xss and encoding
 
ieee
ieeeieee
ieee
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
 
vulnerability scanning and reporting tool
vulnerability scanning and reporting toolvulnerability scanning and reporting tool
vulnerability scanning and reporting tool
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL Injection
 
xss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdfxss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdf
 
Attackers Vs Programmers
Attackers Vs ProgrammersAttackers Vs Programmers
Attackers Vs Programmers
 
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
 
AtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny WyattAtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny Wyatt
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
 
香港六合彩
香港六合彩香港六合彩
香港六合彩
 

More from Deepu S Nath

Design Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation DesignDesign Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation DesignDeepu S Nath
 
GTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework IntroGTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework IntroDeepu S Nath
 
Future of learning - Technology Disruption
Future of learning - Technology DisruptionFuture of learning - Technology Disruption
Future of learning - Technology DisruptionDeepu S Nath
 
Decentralized Applications using Ethereum
Decentralized Applications using EthereumDecentralized Applications using Ethereum
Decentralized Applications using EthereumDeepu S Nath
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisionsDeepu S Nath
 
Artificial Intelligence: An Introduction
Artificial Intelligence: An Introduction Artificial Intelligence: An Introduction
Artificial Intelligence: An IntroductionDeepu S Nath
 
FAYA PORT 80 Introduction
FAYA PORT 80 IntroductionFAYA PORT 80 Introduction
FAYA PORT 80 IntroductionDeepu S Nath
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisionsDeepu S Nath
 
Simplified Introduction to AI
Simplified Introduction to AISimplified Introduction to AI
Simplified Introduction to AIDeepu S Nath
 
Mining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoinMining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoinDeepu S Nath
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOpsDeepu S Nath
 
REACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScriptREACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScriptDeepu S Nath
 
Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization Deepu S Nath
 
Uncommon Python - What is special in Python
Uncommon Python - What is special in PythonUncommon Python - What is special in Python
Uncommon Python - What is special in PythonDeepu S Nath
 
Techbites July 2015
Techbites July 2015Techbites July 2015
Techbites July 2015Deepu S Nath
 
Apple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer EngineApple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer EngineDeepu S Nath
 
Greetings & Response - English Communication Training
Greetings & Response - English Communication TrainingGreetings & Response - English Communication Training
Greetings & Response - English Communication TrainingDeepu S Nath
 
Hybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - XamarinHybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - XamarinDeepu S Nath
 
Internet of Things - The new Paradigmn
Internet of Things - The new ParadigmnInternet of Things - The new Paradigmn
Internet of Things - The new ParadigmnDeepu S Nath
 
Comparing Swift features with Objective C
Comparing Swift features with Objective CComparing Swift features with Objective C
Comparing Swift features with Objective CDeepu S Nath
 

More from Deepu S Nath (20)

Design Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation DesignDesign Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation Design
 
GTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework IntroGTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework Intro
 
Future of learning - Technology Disruption
Future of learning - Technology DisruptionFuture of learning - Technology Disruption
Future of learning - Technology Disruption
 
Decentralized Applications using Ethereum
Decentralized Applications using EthereumDecentralized Applications using Ethereum
Decentralized Applications using Ethereum
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisions
 
Artificial Intelligence: An Introduction
Artificial Intelligence: An Introduction Artificial Intelligence: An Introduction
Artificial Intelligence: An Introduction
 
FAYA PORT 80 Introduction
FAYA PORT 80 IntroductionFAYA PORT 80 Introduction
FAYA PORT 80 Introduction
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisions
 
Simplified Introduction to AI
Simplified Introduction to AISimplified Introduction to AI
Simplified Introduction to AI
 
Mining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoinMining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoin
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOps
 
REACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScriptREACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScript
 
Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization
 
Uncommon Python - What is special in Python
Uncommon Python - What is special in PythonUncommon Python - What is special in Python
Uncommon Python - What is special in Python
 
Techbites July 2015
Techbites July 2015Techbites July 2015
Techbites July 2015
 
Apple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer EngineApple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer Engine
 
Greetings & Response - English Communication Training
Greetings & Response - English Communication TrainingGreetings & Response - English Communication Training
Greetings & Response - English Communication Training
 
Hybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - XamarinHybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - Xamarin
 
Internet of Things - The new Paradigmn
Internet of Things - The new ParadigmnInternet of Things - The new Paradigmn
Internet of Things - The new Paradigmn
 
Comparing Swift features with Objective C
Comparing Swift features with Objective CComparing Swift features with Objective C
Comparing Swift features with Objective C
 

Recently uploaded

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Recently uploaded (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Security testing addons

  • 1. Essential Security Testing Addons Sreenath
  • 2. 3 Essential Security Add-ons for Devs v HackSearch v XSS Me v SQL inject Me
  • 3. HackSearch v  Unwanted pages crawled by Google bot v  Backlinks v  Exposed Data v  Exposed FilesExposed Emails v  Whois v  DNS (Health and Information) v  Antivirus site approval v  Builtwith Technologies
  • 4. XSSMe v  XSS-Me is the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS). It does NOT currently test for stored XSS.rnrn v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an XSS attack.rnrn. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. v  There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.rnrn v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
  • 5. SQL Inject Me v  SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities. v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack. v  The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool. v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.