Last modified on 18/11/2008 12:07 by User.


Security issues

First, there are the commercial web scanners, of which HP WebInspect and Rational AppScan are the two most popular. These are "all-in-one", "fire-and-forget" tools that you download and install on an internal Windows desktop and then give a URL to spider your site, scan for well-known vulnerabilities (i.e., the things that have hit Bugtraq), and probe for cross-site scripting and SQL injection vulnerabilities.

Second, there are the source-code scanning tools, of which Coverity and Fortify are probably the two best known. These are tools you install on a developer's desktop to process your Java or C# source code and look for well-known patterns of insecure code, like poor input validation.

Finally, there are the penetration test tools. By far the most popular web app penetration testing tool among security professionals is Burp Suite, which you can find at Others include Spike Proxy and OWASP WebScarab. Again, you'll install this on an internal Windows desktop. It will run as an HTTP proxy, and you'll point your browser at it. You'll use your applications as a normal user would, while it records your actions. You can then go back to each individual page or HTTP action and probe it for security problems.

There are a large number of security concerns to deal with, some of which are:

  • Encrypting traffic between client and server
    • That is fine for a normal C# .NET app, but what about the raw socket connection people?
    • SSL Cert -
    • Have some code that should be able to encrypt raw socket comms (in .NET the standard way to put TLS on a raw socket is to wrap the NetworkStream in a System.Net.Security.SslStream).
    • need to test the raw sockets as well as .NET remoting with and without encryption to see if I can sniff the packets
  • The random function: people could work it out:
    • link to follow:
  • Shuffling the deck:
    • How not to shuffle cards

      for (i is 1 to n)
      Swap i with random position between 1 and n

      This makes n^n equally likely sequences of swaps but there are only n! orderings, and n^n is not a multiple of n! for n > 2, so some orderings come up more often than others. The correct form (Fisher-Yates) swaps i with a random position between i and n, so every ordering is produced by exactly one sequence of choices.
    • Card random function must use at least a 64-bit seed (a double is 64 bits wide, but a 64-bit integer is the natural type for a seed). Note that 52! is roughly 2^226, so a 64-bit seed can only ever reach a tiny fraction of the possible deck orders; the generator itself, not just the seed, must be cryptographic quality.
    • random number gen must use a "real" random seed. Things like the current time are not random enough and can be brute forced: anyone who sees one dealt hand can try every plausible timestamp until the deal is reproduced.
  • Random number generator needs to be truly random.
    • must be at least 64 bit.
    • could use something like the number of cycles the processor has used since boot (partly predictable, so only as one input to an entropy pool, not as the seed on its own).
    • could use something like a website that does random numbers (which means trusting that site, and the link to it, with every deal).
    • need to do more reading on this!
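The three RNG points above worked through, as an added example that is not code from the original page or the game it describes (written in Python rather than the app's C#): it enumerates every possible outcome of the "swap with any position" shuffle for three cards next to Fisher-Yates to show the bias, brute-forces a deal whose generator was seeded from the wall clock, and then shuffles with the OS cryptographic RNG instead. The card names and the timestamp are constructed for the example.

```python
"""Added example, not from the original page: shuffle bias, clock-seed brute force,
and a CSPRNG-driven shuffle. The deck and the timestamp below are constructed."""
import math
import random
import secrets
from collections import Counter

# Constructed 52-card deck: rank + suit, e.g. "AS" is the ace of spades.
DECK = [rank + suit for suit in "SHDC" for rank in "23456789TJQKA"]


def naive_shuffle(deck, rand_index):
    """The page's 'how not to shuffle': every position i is swapped with any position 0..n-1."""
    deck = list(deck)
    n = len(deck)
    for i in range(n):
        j = rand_index(0, n - 1)          # may disturb positions that were already placed
        deck[i], deck[j] = deck[j], deck[i]
    return deck


def fisher_yates(deck, rand_index):
    """Fisher-Yates: position i is swapped only with a position in i..n-1 (inclusive)."""
    deck = list(deck)
    n = len(deck)
    for i in range(n - 1):
        j = rand_index(i, n - 1)
        deck[i], deck[j] = deck[j], deck[i]
    return deck


class _NeedChoice(Exception):
    def __init__(self, lo, hi):
        self.lo, self.hi = lo, hi


def outcome_counts(shuffle_fn, n):
    """Replay the shuffle against every possible sequence of random choices and count
    each final order. A uniform shuffle gives n! orders with equal counts."""
    counts = Counter()

    def explore(script):
        pending = list(script)

        def rand_index(lo, hi):          # scripted RNG: hand out the script, then ask for more
            if not pending:
                raise _NeedChoice(lo, hi)
            return pending.pop(0)

        try:
            result = shuffle_fn(range(n), rand_index)
        except _NeedChoice as need:
            for choice in range(need.lo, need.hi + 1):
                explore(script + [choice])
            return
        counts[tuple(result)] += 1

    explore([])
    return counts


def clock_seeded_deal(deck, seed_seconds):
    """The weak practice: PRNG seeded from the clock in whole seconds, then Fisher-Yates."""
    rng = random.Random(seed_seconds)
    return fisher_yates(deck, rng.randint)


def recover_seed(observed, deck, now, window_seconds):
    """Attacker's view: one observed deal and a rough idea of when it happened. Try
    every second in the window until the deal is reproduced; returns the seed or None."""
    for candidate in range(now - window_seconds, now + 1):
        if clock_seeded_deal(deck, candidate) == observed:
            return candidate
    return None


def secure_shuffle(deck):
    """Fisher-Yates driven by the OS CSPRNG: there is no seed to guess or brute-force."""
    return fisher_yates(deck, lambda lo, hi: lo + secrets.randbelow(hi - lo + 1))


def permutation_bits(n):
    """log2(n!): the seed width needed to be able to reach every order of n cards."""
    return math.log2(math.factorial(n))


if __name__ == "__main__":
    print("naive  n=3:", sorted(outcome_counts(naive_shuffle, 3).values()))   # [4, 4, 4, 5, 5, 5]
    print("fisher n=3:", sorted(outcome_counts(fisher_yates, 3).values()))    # [1, 1, 1, 1, 1, 1]
    deal_time = 1_700_000_000                                                  # constructed timestamp
    observed = clock_seeded_deal(DECK, deal_time)
    print("recovered seed:", recover_seed(observed, DECK, deal_time + 300, 3600))
    print("bits needed for 52!: %.1f" % permutation_bits(52))
    print("secure deal:", secure_shuffle(DECK)[:5])
```

With three cards the naive loop has 27 equally likely swap sequences spread over 6 orderings, so three orderings come up 5/27 of the time and three 4/27; Fisher-Yates has exactly 6 sequences, one per ordering. The brute force tries one candidate seed per second of the window and needs a few thousand shuffles to recover a clock seed, which is why the seed has to come from the OS entropy source rather than anything an observer can narrow down.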