Group items tagged

Among the tests you perform on web applications, security testing is perhaps the most important, yet it's often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite.

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications. OpenVAS products are Free Software under GNU GPL and a fork of Nessus.

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Voici un tutoriel sur l'injection SQL sous MySQL et MS SQL server. Dans ce tuto vous verez toutes la puissance des injections; ma platforme de test : LAMP avec magic_quote à OFF dans une première partie et ensuite magic_quote à ON ;-) Une injection SQL est un type d'exploitation d'une faille de sécurité d'une application web. On va injecter une requète SQL non prévue par le système et pouvant compromettre sa sécurité.

Voici un tutoriel sur l'injection SQL sous MySQL et MS SQL server. Dans ce tuto vous verez toutes la puissance des injections; ma platforme de test : LAMP avec magic_quote à OFF dans une première partie et ensuite magic_quote à ON ;-) Une injection SQL est un type d'exploitation d'une faille de sécurité d'une application web. On va injecter une requète SQL non prévue par le système et pouvant compromettre sa sécurité.

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.