From: zeno (bugtraqcgisecurity.net)
Date: Fri Jan 11 2002 - 13:03:08 CST

    > Where do you start ?
    >

    Eh, basic nmap obviously, and a few Google searches for the site referencing configuration
    files, cgi, old cgi that may still be installed but unused, sections hidden to the public
    (robots.txt/other), etc.

    > Do you spider the site looking for any place that sends parameters to
    > an application ?

    Yeah I've done that checking out a site or two.

    > How do you find where application reside ?

    www.altavista.com
    url: .cgi www.site.com
    url: .php
    url: .pl
    etc

    Try different file types and use Google also.
    allinurl: .cgi site
    etc.

    HEAD / HTTP/1.0, not that it is to be trusted, but it could give you some ideas.

    > What about web services and WSDL ? Do you look at a UDDI ?
    > Should you test an application in isolation (ie a single cgi) or all applications
    > on that site ?
    >

    One at a time until they are all checked.

     
    > These are just a few thoughts, really just a few...
    >
    > So does anyone want to share the way they approach deciding what should
    > be tested with the list ?
    >

    NOTE: this isn't all I do, but it is a quick little guide I figured I'd throw up
    since you asked. It may be a little too general; if so, sorry.

    - zenocgisecurity.com
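
Seen from the site owner's side, two items in the reply above (old CGI still installed but unused, and sections hidden only through robots.txt) can be checked with an inventory like the one below. This is an added example, not part of the original post; the file list, log lines, robots.txt content and function names are all constructed for illustration.

```python
import re
from pathlib import PurePosixPath

SCRIPT_EXTS = {".cgi", ".pl", ".php"}  # the file types named in the post

# Constructed sample data (not from the original post).
DOCROOT_FILES = [
    "/index.html",
    "/cgi-bin/search.cgi",
    "/cgi-bin/formmail.pl",
    "/admin-old/report.php",
    "/news/view.php",
]
ACCESS_LOG = """\
192.0.2.10 - - [11/Jan/2002:13:00:01 -0600] "GET /index.html HTTP/1.0" 200 5120
192.0.2.11 - - [11/Jan/2002:13:00:09 -0600] "GET /cgi-bin/search.cgi?q=test HTTP/1.0" 200 2048
192.0.2.12 - - [11/Jan/2002:13:01:30 -0600] "POST /news/view.php HTTP/1.0" 200 900
192.0.2.13 - - [11/Jan/2002:13:02:00 -0600] "HEAD / HTTP/1.0" 200 0
"""
ROBOTS_TXT = """\
User-agent: *
Disallow: /admin-old/
Disallow: /tmp/
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def is_script(path):
    return PurePosixPath(path).suffix.lower() in SCRIPT_EXTS

def requested_paths(log_text):
    """Paths seen in the access log, with query strings stripped."""
    return {m.group(1).split("?", 1)[0] for m in REQUEST_RE.finditer(log_text)}

def unused_scripts(files, log_text):
    """Deployed scripts that no logged request touched: candidates for removal."""
    seen = requested_paths(log_text)
    return sorted(f for f in files if is_script(f) and f not in seen)

def advertised_script_dirs(files, robots_text):
    """Disallow prefixes in robots.txt that actually contain deployed scripts."""
    prefixes = [line.split(":", 1)[1].strip() for line in robots_text.splitlines()
                if line.lower().startswith("disallow:")]
    return sorted(p for p in prefixes
                  if p and any(is_script(f) and f.startswith(p) for f in files))

if __name__ == "__main__":
    print("never requested:", unused_scripts(DOCROOT_FILES, ACCESS_LOG))
    print("listed in robots.txt:", advertised_script_dirs(DOCROOT_FILES, ROBOTS_TXT))
```

A script that shows up in both results is deployed, unused in the sampled log window, and publicly pointed to by robots.txt, so it is the first thing to review or remove.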

     