Newbie questions about security testing
I am new to security testing i need some information about security testing (especially related to e-commerce)
Here are my questions:
How a security testing is performed?
Is there good any document or websites so that i can get some good information about security testing?
Is there any tool present for security testing
There are various of security tools. If I were you I'd download system called BackTrack - www.backtrack-linux.org which has plenty of them. You can test almost everything, including sociotechnics, security of application, security of server, security of network etc. every kind of "security" has its own tools. There is one good software that tests website against security called SET more on http://www.backtrack-linux.org/backtrack/social-engineering-toolkit-training/
If you want test WEB sites you should check this video http://vimeo.com/21631598
There are plenty of tools to scan websites you will get them when you download the system I've given you link above.
There is one more powerful tool to use -> http://www.metasploit.com/ you can read more about it on this site.
Hope I've helped