Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Web Browser For Penetration Test

from [Gareth Davies] Network Security [Permanent Link]
Subject: Re: Web Browser For Penetration Test
Date: Wed, 12 Apr 2006 13:07:59 +0800 
I use Firefox with IEtab extension and Burp Suite.

http://www.portswigger.net/suite/

https://addons.mozilla.org/extensions/moreinfo.php?id=1419&application=firefox

WebScarab is good too.

Another option for Burp is Paros if you want some choice.

http://www.parosproxy.org/index.shtml

My favourite is definately Burp though.

nimdA wrote: 
Dear All

I'm looking for web browser that help me in penetration testing of web
applications, there are a lot of scanning tools, but I'm looking for a
basic web browser which allow me to control all the data that send to
or receive from the web server.

There are some grate tools like minibrowser, but with complex
application it did not work fine unless you use "Internet Explorer" as
a browser, and you will lose the benefits of this browser.

Unfortunately, I can't find other browser that does the same thing.
What I'm looking for is a simple application, before send or receiving
any value from the web server asks the user to confirm that data that
will send or will receive, not more then that.

So, If any one know some software or IE plug-in or client proxy that
will help me on this, please send it.

Thanks.

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------




--
Gareth Davies - BS7799 LA, OPST

Manager - Security Practice

Network Security Solutions MSC Sdn. Bhd.
Suite E-07-21, Block E, Plaza Mont' Kiara, No. 2 Jalan Kiara,
Mont’ Kiara, 50480
Kuala Lumpur, Malaysia Phone: +603-6203 5303 or +603-6203 5920

www.mynetsec.com


-------------------------------------------------------------------------
This List Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  2nd European Conference on Computer Network Defense (EC2ND), Blyth A J C (Comp)
Next by Date:  Canonicalization, susam_pal
Previous by Thread:  Re: Web Browser For Penetration Test, Tim Brown
Next by Thread:  Re: Web Browser For Penetration Test, ROB DIXON
Indexes:  [Date] [Thread] [Top] [All Lists]