[WEB SECURITY] Setting up a Web App testing framework

The Dead th3d34d at gmail.com
Tue Jun 25 11:20:29 EDT 2013


Hello.

Please, check OWASP Testing Guide.
I can also recomend you a reading of the Web Application Hacker´s Handbook.

TH3D34D

On Wed, Jun 19, 2013 at 11:41 PM, aditya <nauty.me04 at gmail.com> wrote:
> Hello Claudie,
>
> I would suggest you start on with Owasp as your framework and right now I
> would suggest you work on manual testing rather than automation.
>
> Hackers handbook can give you a good start to that. Also working on
> platforms like Webgoat and Dvwa would give you a good practical experience.
> For me Burp Suite has been the best tool and for automation there are lits
> of them both closed and open source.
>
> Regards
> Aditya Balapure
>
> Sent from Samsung Galaxy Note®
>
> On 19 Jun 2013 22:01, "adroit learner" <adroitlearner at gmail.com> wrote:
>>
>> Hi all,
>>
>> i ve been following the group for a week now. I am in the process of
>> defining standards for Application testing. Most of them would be Web based
>> applications. Can you help me to begin with some framework on which i can
>> start building. My concerns are
>>
>> 1.  Defining the methodology
>> 2.  Defining the tools that would be required
>>
>> Thanks
>>
>> With warm regards
>>
>> AdroitLearner
>>
>> _______________________________________________
>> The Web Security Mailing List
>>
>> WebSecurity RSS Feed
>> http://www.webappsec.org/rss/websecurity.rss
>>
>> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>>
>> WASC on Twitter
>> http://twitter.com/wascupdates
>>
>> websecurity at lists.webappsec.org
>>
>> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>>
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>




More information about the websecurity mailing list