Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

AJAX and Web application scanners

from [rajeshdilli] Network Security [Permanent Link]
Subject: AJAX and Web application scanners
Date: 27 Mar 2006 20:11:59 -0000 
Hi,

          I've been recently going around the web for a couple of challenges 
that AJAX faces. One thing that struck me was the web application scanners. 
I've seen a few vendors (i don't to mention any vendor or product name here) 
products that claim that they have javascript parsers and support for AJAX 
driven applications. My personal experience with these tools is that they could 
not spare well against apps that are heavily JavaScript driven and with the 
introduction of AJAX based apps it's a case of uncertainity in choosing the 
right product (if at all there can be one which can progress in auditing AJAX 
applications). Do any of you have any insights or experinces on these tools 
against AJAX based apps.

Thanks
Rajesh

-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics

ALERT: "How A Hacker Launches A Web Application Attack!" 
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world 
examples of recent hacking methods such as: SQL Injection, Cross Site 
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] RE: [OWASP-LEADERS] Re: [Owasp-dotnet] RE: [SC-L] 4 Questions: Latest IE vulnerability, Firefox vs IE security, Uservs Admin risk profile, and browsers coded in 100% Managed Verifiable code, Eric Swanson
Next by Date:  Re: [OWASP-LEADERS] Re: [Owasp-dotnet] RE: [SC-L]4 Questions: Latest IE vulnerability, Firefox vs IE security,Uservs Admin risk profile,and browsers coded in 100% Managed Verifiable code, ol
Previous by Thread:  Announcement: The Web Hacking Incidents Database, contact
Next by Thread:  RE: AJAX and Web application scanners, Tate Hansen
Indexes:  [Date] [Thread] [Top] [All Lists]