[Techtalk] Re: security testing
Teri Solow
tsolow at terisolow.com
Mon Apr 19 10:18:37 EST 2004
On Mon, Apr 19, 2004 at 12:41:26AM -0400, Raven Alder said:
> I don't know much about Java apps, but I have found that for Web
> testing in general, these are useful:
>
> Nikto:
> http://www.cirt.net/code/nikto.shtml
> Version 2.0 is coming out Real Soon Now.
Hey, thanks for posting this! I had a bunch of weird hits from some Chinese IPs last week, and after downloading this and testing it on my own site I know what was going on then :)
> I keep meaning to code an automated site-crawler that checks for
> basic things like SQL injection and cross-site scripting
> vulnerabilities, but it's about item 10,000 on the to-do list.
That would be incredibly useful. If you ever do get the chance to do that, be sure to let us know about it :)
--
Teri Solow
http://terisolow.com
A is for Apple.
-- Hester Pryne
More information about the Techtalk
mailing list