• Save
Web Application Security Testing Tools
Upcoming SlideShare
Loading in...5
×
 

Web Application Security Testing Tools

on

  • 2,044 views

 

Statistics

Views

Total Views
2,044
Slideshare-icon Views on SlideShare
2,034
Embed Views
10

Actions

Likes
2
Downloads
0
Comments
1

3 Embeds 10

http://www.linkedin.com 6
http://www.progate.vn 3
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • Hi aNhuan Lai-Duc,

    Thanks for your useful presentation.

    Can you share me this slide? If possible, my e-mail is: tuanvu1109@gmail.com
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Web Application Security Testing Tools Web Application Security Testing Tools Presentation Transcript

    • Software Development CenterWeb Application Security Testing Tools Created by: Nhuan Lai-Duc Effective date: December 09, 2012 Version: 1.0 Template ID: Base_Template_ODP_1_0.otp
    • Document ControlVersion Change description Changed by Date Approved by Date0.1 Initiate Nhuan Lai-Duc November 29, 2012 N/A N/A1.0 Format update Nhuan Lai-Duc December 09, 2012 Nhuan Lai-Duc December 09, 2012Web Application Security Testing Tools 2
    • Review RecordVersion Defects Type Severity Reviewed by Date0.1 Format W Minor Nhuan Lai-Duc December 09, 2012Types:A – Ambiguous (something described unclearly, unintelligibly)M – Missing (something needs to be there but is not)W – Wrong (something is erroneous with something else)E – Extra (something unnecessary is present)Severity:Fatal, Major, Minor, CosmeticWeb Application Security Testing Tools 3
    • Agenda  Introduction  Top 10 most critical web app security risks  OWASP: Open Web App Security Project  OWASP Top 10 for 2010  Web app security testing tools  Use security testing tools to test your web app  Security report for your web app  Plan to deal with prioritized security issues  Open issuesWeb Application Security Testing Tools 4
    • Introduction  ISO 25010: Software Quality Requirements  ISO 25010: 3 Quality Models  System / Software Product Quality  Data Quality  Quality In Use  System / Software Product Quality  8 characteristics  Broken down to 31 sub-characteristics  Security  1 / 8 characteristics  5 sub-characteristics  Web app security: Guarantee system / software quality!Web Application Security Testing Tools 5
    • Top 10 most critical web app security risks  OWASP: The Open Web Application Security ProjectWeb Application Security Testing Tools 6
    • Web Application Security Testing Tools  Each tool for each web app security riskWeb Application Security Testing Tools 7
    • Web Application Security Testing Tools  Injection: W3AF  Cross Site Scripting: ZAP  Broken Authentication & Session Management: HackBar  Insecure Direct Object References: Burp suite  Cross Site Request Forgery: Tamper Data  Security Misconfiguration: Watobo  Failure to Restrict URL Access: Wikto  Insecure Cryptographic Storage: N/A  Insufficient Transport Later Protection: Calomel Add-on  Unvalidated Redirects and Forwards: WatcherWeb Application Security Testing Tools 8
    • Web App Security Testing Tool: W3AFWeb Application Security Testing Tools 9
    • Web App Security Testing Tool: ZAPWeb Application Security Testing Tools 10
    • Web App Security Testing Tool: HackbarWeb Application Security Testing Tools 11
    • Web App Security Testing Tool: Burp SuiteWeb Application Security Testing Tools 12
    • Security Testing Tool: Tamper DataWeb Application Security Testing Tools 13
    • Web App Security Testing Tool: WatoboWeb Application Security Testing Tools 14
    • Web App Security Testing Tool: WiktoWeb Application Security Testing Tools 15
    • Security Testing Tool: Calomel Add-onWeb Application Security Testing Tools 16
    • Web App Security Testing Tool: WatcherWeb Application Security Testing Tools 17
    • Security Testing Tools: Test Your Web App  TBDWeb Application Security Testing Tools 18
    • Security Testing Tools: Security Report For Your Web App  TBDWeb Application Security Testing Tools 19
    • Security Testing Tools: Plan: Deal With Prioritized Security Issues  TBDWeb Application Security Testing Tools 20
    • Questions & Answers ?Web Application Security Testing Tools 21
    • Thanks for your attention!Web Application Security Testing Tools 22