Re: Environment for testing WebApp Security Scanners

Nice idea, but no tool can substitute for a little common sense and manual 
know how.  The way cookies like this would be implemented would vary 
greatly, therefore any security scanner would still rely on signatures - 
back to the problem at hand again.  If it doesn't have the signature/rule it 
isn't going to pick it up.

Therefore, any web application tool out there, when used, should *always* be 
followed up by a manual test.

Just my two pence.

Tom Neaves

> Surely it'd be trivial to have a cookie specification field of the
> scanning tool. The person doing the scanning could review the cookie
> and spec it up a bit. Then the tool could be a bit context aware, at
> least of cookies, and watch when fields it may be interested in
> changes.

> I.e. you could draw links between cookie items and pages, or cookie
> items and request fields, etc, etc, etc.

> The tool could start to learn common cookie forms and use that to help
> suggest what various fields might be.





-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire was recently named the worldwide market leader in Web 
application security assessment tools by both Gartner and IDC. 
Download a free trial of AppScan today and see why more customers choose 
AppScan then any other solution. Try it today!
 
https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB
--------------------------------------------------------------------------