Security, Penetration Testing

• 

  Newbie questions about security testing
  security testing • • emmalee  

  2
  0
  Votes
  2
  Posts
  3
  Views

  A

  There are various of security tools. If I were you I'd download system called BackTrack - www.backtrack-linux.org which has plenty of them. You can test almost everything, including sociotechnics, security of application, security of server, security of network etc. every kind of "security" has its own tools. There is one good software that tests website against security called SET more on http://www.backtrack-linux.org/backtrack/social-engineering-toolkit-training/ If you want test WEB sites you should check this video http://vimeo.com/21631598 There are plenty of tools to scan websites you will get them when you download the system I've given you link above. There is one more powerful tool to use -> http://www.metasploit.com/ you can read more about it on this site. Hope I've helped
• P

  How to validate web text field regarding to security testing?
  security validate • • prowler  

  2
  0
  Votes
  2
  Posts
  12
  Views

  

  XSS scripts, for example: <SCRIPT SRC=http://x.com/xss.js></SCRIPT> Check input field is validated on client side as well as on server side Make sure that encryption is always enabled, using Fiddler or other similar tools SQL-injection, for example: xxx') OR 1 = 1 -- ] Check strange characters such as “<>/;,!” can not are cut or handled securely Check characters limitation