Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Pentesting RoR

from [Mister Dookie] Network Security [Permanent Link]
Subject: Pentesting RoR
Date: Mon, 16 Jul 2007 22:32:53 -0400 
So a client is setting up a webapp written in Ruby on Rails with a
MySQL backend.

I do not have much experience with Ruby exploits or SQL injection against Ruby.

Can some list members give me some insight or point me in the right
direction? I know the new Metasploit is written using Ruby. Does that
make it a better pentest platform (just one of the tools) for me?
Thanks! Regards, John

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Swap Out your SPI or Watchfire app sec solution for
Cenzic's robust, accurate risk assessment and management
solution FREE - limited Time Offer

http://www.cenzic.com/c/wf-spi
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] [Sec-1 Ltd] Advisory: MailMarshal Spam Quarantine Password Retrieval Vulnerability, Gary Oleary-Steele
Next by Date:  Re: Wireless assessment, rajat swarup
Previous by Thread:  [Full-disclosure] [Sec-1 Ltd] Advisory: MailMarshal Spam Quarantine Password Retrieval Vulnerability, Gary Oleary-Steele
Next by Thread:  Re: Pentesting RoR, hwertz
Indexes:  [Date] [Thread] [Top] [All Lists]