Menu

Download

Dziś nas odwiedzili:
Archiwum:
Grudzień 2016 (949)
Listopad 2016 (2431)
Październik 2016 (1961)
Wrzesień 2016 (1857)
Sierpień 2016 (2521)
Lipiec 2016 (2605)


Pokaż wszystkie tagi:
Wejścia na Vorek.pl z:
{referer}



NABÓR NA STANOWISKO


MODERATOR        UPLOADER



OWASP Web Testing LiveCD 2011

OWASP Web Testing LiveCD
2011 | ENG | 650 MB


OWASP LiveCD - contains a selection of programs to test the safety and performance audit of the code of web-applications, acts as an analog of the well-known tool for testing network security BackTrack, but specializes in the web. Last Release OWASP LiveCD was released in 2007, last summer decided to complete processing of the distribution.

The composition of OWASP LiveCD includes programs such as Httprint to determine the type http-server on circumstantial evidence, vulnerability scanners in web-applications Grendel Scan and w3af, utilities to identify opportunities to introduce SQL code SQLiX and sqlmap, means of brute force, the local proxy WebScarab , Paros Proxy, Rat Proxy and Burp Suite, Firefox c 1925 amendments to debug sites.

Thus, the very ten most dangerous threats:
A1 Injection (injection of any kind, including SQL, LDAP, etc.)
A2 Cross Site Scripting (not lost relevance XSS)
A3 Broken Authentication and Session Management (errors in the architecture of the authentication and session management)
A4 Insecure Direct Object References (unprotected resources and facilities, we can recall the case with SVN)
A5 Cross Site Request Forgery (CSRF)
A6 Security Misconfiguration (unsafe configuration of the environment, different frameworks, platforms)
A7 Failure to Restrict URL Access (unauthorized access to functionality that requires special privileges - such as bypassing the validation c using a double slash "/" in the URL to gain access to the management of a blog in Wordpress)
A8 Unvalidated Redirects and Forwards (open redirects, which lead to phishing, HTTP Response Splitting and XSS)
A9 Insecure Cryptographic Storage (unsafe storage of important data)
A10 Insufficient Transport Layer Protection (lack of protection for data in transit at the transport level, such as HTTP instead of HTTPS).

Download:
Aby zobaczyć ukryty tekst musisz być zalogowany, jeżeli nie masz konta zarejestruj się!



Podziel się !

Delicious'da Share  Share on Facebook  Friendfeed Share  Google Shared  StubmleUpon'da Share  Digg'de Share  Netvibes'de Share  Reddit'de Share RSS Feeds Subscribe!

Powrót
Przeglądasz witrynę jako gość.
Dlatego zachęcamy do rejestracji lub do zalogowania się.

Informacja
Użytkownicy z rangą Gość nie mogą dodawać komentarzy.