SlideShare a Scribd company logo

Security testing addons

Deepu S Nath
Deepu S Nath
Technology
1 of 6
Download to read offline
Essential Security Testing Addons Sreenath
3 Essential Security Add-ons for Devs v HackSearch v XSS Me v SQL inject Me
HackSearch v  Unwanted pages crawled by Google bot v  Backlinks v  Exposed Data v  Exposed FilesExposed Emails v  Whois v  DNS (Health and Information) v  Antivirus site approval v  Builtwith Technologies
XSSMe v  XSS-Me is the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS). It does NOT currently test for stored XSS.rnrn v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an XSS attack.rnrn. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. v  There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.rnrn v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
SQL Inject Me v  SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities. v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack. v  The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool. v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
Thank you

Recommended

No sql injection in meteor.js application
No sql injection in meteor.js applicationNo sql injection in meteor.js application
No sql injection in meteor.js applicationDesignveloper
 
Is word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsIs word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsssusercc9654
 
Sifting through twitter
Sifting through twitterSifting through twitter
Sifting through twittervolvent
 
Coffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlCoffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlDeepu S Nath
 
Cross Device UI Designing
Cross Device UI DesigningCross Device UI Designing
Cross Device UI DesigningDeepu S Nath
 
Getting ready for the cloud iaa s
Getting ready for the cloud iaa sGetting ready for the cloud iaa s
Getting ready for the cloud iaa sDeepu S Nath
 
Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Deepu S Nath
 
Tech bites
Tech bitesTech bites
Tech bitesDeepu S Nath
 

Recommended

No sql injection in meteor.js application
No sql injection in meteor.js applicationNo sql injection in meteor.js application
No sql injection in meteor.js applicationDesignveloper
 
Is word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsIs word press vulnerable to xss and sql injections
Is word press vulnerable to xss and sql injectionsssusercc9654
 
Sifting through twitter
Sifting through twitterSifting through twitter
Sifting through twittervolvent
 
Coffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlCoffee@DBG - Evolution of html
Coffee@DBG - Evolution of htmlDeepu S Nath
 
Cross Device UI Designing
Cross Device UI DesigningCross Device UI Designing
Cross Device UI DesigningDeepu S Nath
 
Getting ready for the cloud iaa s
Getting ready for the cloud iaa sGetting ready for the cloud iaa s
Getting ready for the cloud iaa sDeepu S Nath
 
Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Coffee@DBG - TechBites Sept 2015
Coffee@DBG - TechBites Sept 2015Deepu S Nath
 
Tech bites
Tech bitesTech bites
Tech bitesDeepu S Nath
 
Exploring Node.jS
Exploring Node.jSExploring Node.jS
Exploring Node.jSDeepu S Nath
 
Saa s
Saa sSaa s
Saa sDeepu S Nath
 
Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanFront end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanDeepu S Nath
 
SEO For Developers
SEO For DevelopersSEO For Developers
SEO For DevelopersDeepu S Nath
 
Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Deepu S Nath
 
Advanced visualization
Advanced visualizationAdvanced visualization
Advanced visualizationDeepu S Nath
 
Coffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesCoffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesDeepu S Nath
 
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...Deepu S Nath
 
Microsoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveMicrosoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveDeepu S Nath
 
Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Webandres1422
 
T04505103106
T04505103106T04505103106
T04505103106IJERA Editor
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingInMobi Technology
 
FORENSIC PRESTTN
FORENSIC PRESTTNFORENSIC PRESTTN
FORENSIC PRESTTNRufa'i Mustapha
 
Xss 101
Xss 101Xss 101
Xss 101n|u - The Open Security Community
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxAjayKumar73315
 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSSMike Crabb
 
04. xss and encoding
04. xss and encoding04. xss and encoding
04. xss and encodingEoin Keary
 
ieee
ieeeieee
ieeeRadheshyam Dhakad
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
vulnerability scanning and reporting tool
vulnerability scanning and reporting toolvulnerability scanning and reporting tool
vulnerability scanning and reporting toolBhagyashri Chalakh
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionVishal Kumar
 

More Related Content

Viewers also liked

Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanFront end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanDeepu S Nath
 
SEO For Developers
SEO For DevelopersSEO For Developers
SEO For DevelopersDeepu S Nath
 
Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Deepu S Nath
 
Advanced visualization
Advanced visualizationAdvanced visualization
Advanced visualizationDeepu S Nath
 
Coffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesCoffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesDeepu S Nath
 
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...Deepu S Nath
 
Microsoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveMicrosoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveDeepu S Nath
 

Viewers also liked (9)

Exploring Node.jS
Exploring Node.jSExploring Node.jS
Exploring Node.jS
 
Saa s
Saa sSaa s
Saa s
 
Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen VijayanFront end workflow Presentation at Coffee@DBG by Praveen Vijayan
Front end workflow Presentation at Coffee@DBG by Praveen Vijayan
 
SEO For Developers
SEO For DevelopersSEO For Developers
SEO For Developers
 
Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016Coffee@DBG - TechBites March 2016
Coffee@DBG - TechBites March 2016
 
Advanced visualization
Advanced visualizationAdvanced visualization
Advanced visualization
 
Coffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 propertiesCoffee@DBG - New CSS3 properties
Coffee@DBG - New CSS3 properties
 
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
What’s new for Android Developers in 2015 - Material Design, Android Studio, ...
 
Microsoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing PerspectiveMicrosoft ALM Support - Testing Perspective
Microsoft ALM Support - Testing Perspective
 

Similar to Security testing addons

Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Webandres1422
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingInMobi Technology
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxAjayKumar73315
 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSSMike Crabb
 
04. xss and encoding
04. xss and encoding04. xss and encoding
04. xss and encodingEoin Keary
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
vulnerability scanning and reporting tool
vulnerability scanning and reporting toolvulnerability scanning and reporting tool
vulnerability scanning and reporting toolBhagyashri Chalakh
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionVishal Kumar
 
xss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdfxss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdfyashvirsingh48
 
Attackers Vs Programmers
Attackers Vs ProgrammersAttackers Vs Programmers
Attackers Vs Programmersrobin_bene
 
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Yuji Kosuga
 
AtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny WyattAtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny WyattAtlassian
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingPriyanka Aash
 
香港六合彩
香港六合彩香港六合彩
香港六合彩baoyin
 

Similar to Security testing addons (20)

Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Web
 
T04505103106
T04505103106T04505103106
T04505103106
 
Reflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site ScriptingReflective and Stored XSS- Cross Site Scripting
Reflective and Stored XSS- Cross Site Scripting
 
FORENSIC PRESTTN
FORENSIC PRESTTNFORENSIC PRESTTN
FORENSIC PRESTTN
 
Xss 101
Xss 101Xss 101
Xss 101
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthan
 
Overview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptxOverview of Vulnerability Scanning.pptx
Overview of Vulnerability Scanning.pptx
 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSS
 
04. xss and encoding
04. xss and encoding04. xss and encoding
04. xss and encoding
 
ieee
ieeeieee
ieee
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
 
vulnerability scanning and reporting tool
vulnerability scanning and reporting toolvulnerability scanning and reporting tool
vulnerability scanning and reporting tool
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL Injection
 
xss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdfxss-100908063522-phpapp02.pdf
xss-100908063522-phpapp02.pdf
 
Attackers Vs Programmers
Attackers Vs ProgrammersAttackers Vs Programmers
Attackers Vs Programmers
 
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
 
AtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny WyattAtlasCamp 2010: Securing your Plugin - Penny Wyatt
AtlasCamp 2010: Securing your Plugin - Penny Wyatt
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
 
香港六合彩
香港六合彩香港六合彩
香港六合彩
 

More from Deepu S Nath

Design Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation DesignDesign Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation DesignDeepu S Nath
 
GTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework IntroGTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework IntroDeepu S Nath
 
Future of learning - Technology Disruption
Future of learning - Technology DisruptionFuture of learning - Technology Disruption
Future of learning - Technology DisruptionDeepu S Nath
 
Decentralized Applications using Ethereum
Decentralized Applications using EthereumDecentralized Applications using Ethereum
Decentralized Applications using EthereumDeepu S Nath
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisionsDeepu S Nath
 
Artificial Intelligence: An Introduction
Artificial Intelligence: An Introduction Artificial Intelligence: An Introduction
Artificial Intelligence: An IntroductionDeepu S Nath
 
FAYA PORT 80 Introduction
FAYA PORT 80 IntroductionFAYA PORT 80 Introduction
FAYA PORT 80 IntroductionDeepu S Nath
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisionsDeepu S Nath
 
Simplified Introduction to AI
Simplified Introduction to AISimplified Introduction to AI
Simplified Introduction to AIDeepu S Nath
 
Mining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoinMining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoinDeepu S Nath
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOpsDeepu S Nath
 
REACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScriptREACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScriptDeepu S Nath
 
Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization Deepu S Nath
 
Uncommon Python - What is special in Python
Uncommon Python - What is special in PythonUncommon Python - What is special in Python
Uncommon Python - What is special in PythonDeepu S Nath
 
Techbites July 2015
Techbites July 2015Techbites July 2015
Techbites July 2015Deepu S Nath
 
Apple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer EngineApple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer EngineDeepu S Nath
 
Greetings & Response - English Communication Training
Greetings & Response - English Communication TrainingGreetings & Response - English Communication Training
Greetings & Response - English Communication TrainingDeepu S Nath
 
Hybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - XamarinHybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - XamarinDeepu S Nath
 
Internet of Things - The new Paradigmn
Internet of Things - The new ParadigmnInternet of Things - The new Paradigmn
Internet of Things - The new ParadigmnDeepu S Nath
 
Comparing Swift features with Objective C
Comparing Swift features with Objective CComparing Swift features with Objective C
Comparing Swift features with Objective CDeepu S Nath
 

More from Deepu S Nath (20)

Design Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation DesignDesign Thinking, Critical Thinking & Innovation Design
Design Thinking, Critical Thinking & Innovation Design
 
GTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework IntroGTECH ATFG µLearn Framework Intro
GTECH ATFG µLearn Framework Intro
 
Future of learning - Technology Disruption
Future of learning - Technology DisruptionFuture of learning - Technology Disruption
Future of learning - Technology Disruption
 
Decentralized Applications using Ethereum
Decentralized Applications using EthereumDecentralized Applications using Ethereum
Decentralized Applications using Ethereum
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisions
 
Artificial Intelligence: An Introduction
Artificial Intelligence: An Introduction Artificial Intelligence: An Introduction
Artificial Intelligence: An Introduction
 
FAYA PORT 80 Introduction
FAYA PORT 80 IntroductionFAYA PORT 80 Introduction
FAYA PORT 80 Introduction
 
How machines can take decisions
How machines can take decisionsHow machines can take decisions
How machines can take decisions
 
Simplified Introduction to AI
Simplified Introduction to AISimplified Introduction to AI
Simplified Introduction to AI
 
Mining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoinMining Opportunities of Block Chain and BitCoin
Mining Opportunities of Block Chain and BitCoin
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOps
 
REACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScriptREACT.JS : Rethinking UI Development Using JavaScript
REACT.JS : Rethinking UI Development Using JavaScript
 
Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization Life Cycle of an App - From Idea to Monetization
Life Cycle of an App - From Idea to Monetization
 
Uncommon Python - What is special in Python
Uncommon Python - What is special in PythonUncommon Python - What is special in Python
Uncommon Python - What is special in Python
 
Techbites July 2015
Techbites July 2015Techbites July 2015
Techbites July 2015
 
Apple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer EngineApple Watch - Start Your Developer Engine
Apple Watch - Start Your Developer Engine
 
Greetings & Response - English Communication Training
Greetings & Response - English Communication TrainingGreetings & Response - English Communication Training
Greetings & Response - English Communication Training
 
Hybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - XamarinHybrid Mobile App Development - Xamarin
Hybrid Mobile App Development - Xamarin
 
Internet of Things - The new Paradigmn
Internet of Things - The new ParadigmnInternet of Things - The new Paradigmn
Internet of Things - The new Paradigmn
 
Comparing Swift features with Objective C
Comparing Swift features with Objective CComparing Swift features with Objective C
Comparing Swift features with Objective C
 

Recently uploaded

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 

Recently uploaded (20)

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 

Security testing addons

  • 1. Essential Security Testing Addons Sreenath
  • 2. 3 Essential Security Add-ons for Devs v HackSearch v XSS Me v SQL inject Me
  • 3. HackSearch v  Unwanted pages crawled by Google bot v  Backlinks v  Exposed Data v  Exposed FilesExposed Emails v  Whois v  DNS (Health and Information) v  Antivirus site approval v  Builtwith Technologies
  • 4. XSSMe v  XSS-Me is the Exploit-Me tool used to test for reflected Cross-Site Scripting (XSS). It does NOT currently test for stored XSS.rnrn v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an XSS attack.rnrn. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. v  There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.rnrn v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.
  • 5. SQL Inject Me v  SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities. v  The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack. v  The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page. v  The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool. v  You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.