Hi all, i ve been following the group for a week now. I am in the process of defining standards for Application testing. Most of them would be Web based applications. Can you help me to begin with some framework on which i can start building. My concerns are 1. Defining the methodology 2. Defining the tools that would be required Thanks With warm regards AdroitLearner

Hello Claudie, I would suggest you start on with Owasp as your framework and right now I would suggest you work on manual testing rather than automation. Hackers handbook can give you a good start to that. Also working on platforms like Webgoat and Dvwa would give you a good practical experience. For me Burp Suite has been the best tool and for automation there are lits of them both closed and open source. Regards Aditya Balapure Sent from Samsung Galaxy Note® On 19 Jun 2013 22:01, "adroit learner" <adroitlearner@gmail.com> wrote: > Hi all, > > i ve been following the group for a week now. I am in the process of > defining standards for Application testing. Most of them would be Web based > applications. Can you help me to begin with some framework on which i can > start building. My concerns are > > 1. Defining the methodology > 2. Defining the tools that would be required > > Thanks > > With warm regards > > AdroitLearner > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org > >

Hello. Please, check OWASP Testing Guide. I can also recomend you a reading of the Web Application Hacker´s Handbook. TH3D34D On Wed, Jun 19, 2013 at 11:41 PM, aditya <nauty.me04@gmail.com> wrote: > Hello Claudie, > > I would suggest you start on with Owasp as your framework and right now I > would suggest you work on manual testing rather than automation. > > Hackers handbook can give you a good start to that. Also working on > platforms like Webgoat and Dvwa would give you a good practical experience. > For me Burp Suite has been the best tool and for automation there are lits > of them both closed and open source. > > Regards > Aditya Balapure > > Sent from Samsung Galaxy Note® > > On 19 Jun 2013 22:01, "adroit learner" <adroitlearner@gmail.com> wrote: >> >> Hi all, >> >> i ve been following the group for a week now. I am in the process of >> defining standards for Application testing. Most of them would be Web based >> applications. Can you help me to begin with some framework on which i can >> start building. My concerns are >> >> 1. Defining the methodology >> 2. Defining the tools that would be required >> >> Thanks >> >> With warm regards >> >> AdroitLearner >> >> _______________________________________________ >> The Web Security Mailing List >> >> WebSecurity RSS Feed >> http://www.webappsec.org/rss/websecurity.rss >> >> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA >> >> WASC on Twitter >> http://twitter.com/wascupdates >> >> websecurity@lists.webappsec.org >> >> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org >> > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org >