
Introduction to web application security testing


A brief overview of common techniques and tools which can be applied to web application security testing


  1. Introduction to web application security testing
     Alexandr Romanov
  2. What is security testing and why is it necessary?
  3. Prepare your mind for security testing
     - Think like a hacker :)
     - Concentrate on negative testing
     - Vulnerabilities = bugs
  4. Security testing in action - stage 1: Mapping the application
     - web spidering
     - user-directed spidering
     - brute-force scanning
  5. Security testing in action - stage 2: Analyze the application
     - application functionality
     - data entry points
     - application technologies
  6. Security testing in action - stage 3: Test/break the application
     Test:
     - client-side controls
     - authentication mechanism
     - session management mechanism
     - access controls
     - input-based vulnerabilities
     - ...
  7. Security testing in action - stage 4: Report the results
     1. Executive summary
     2. Detailed report
     3. Raw output
  8. Security tester tools
     Firefox:
     - Firebug/FirePath
     - HTTPWatch
     - FoxyProxy
     - XSSme/SQLme
     Chrome:
     - XSSRays
     IE:
     - HTTPWatch/IEWatch
  9. Security tester tools
     Complex tools:
     - BurpSuite
     - WebScarab
     - Zed Attack Proxy
     - Fiddler
     Vulnerability scanners:
     - Acunetix
     - Nikto
     - Nessus