|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Open Source Application Vulnerability Assessment Tools
From: Arian J. Evans (arian.evans
anachronic.com)
Date: Mon Oct 02 2006 - 18:33:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ps - In my haste below I failed to clarify that
I meant "open source domain" in reference to automation.
There are a variety of commercial tools, but in
the non-commercial space, nothing (worth using). </0.02>
For manual tools, WebScarab and Paros are easy and
WebScarab has become quit feature rich. Ben, you
might try taking a look at WebScarab and extending
that, instead of starting YALGRITLPWP (yet another
lets go re-invent the local proxy wheel project).
It's simply too hard to pronounce to be successful.
-ae
(though nobody has made an OSS web fuzzer worth
anything; the only thing close is Burp Intruder.
Which tells me there are a lot of "web app security
consultants" that do not provide much depth in
their pen testing process, unless everybody's got
a Peach Fuzzer/SPIKE script in their back pocket
and I simply haven't heard about it
In the mean time, this would be a good project)
> -----Original Message-----
> From: Ben Hall [mailto:ben2004ukgooglemail.com]
> Sent: Monday, October 02, 2006 5:12 AM
> To: dotevansanachronic.comsecurityfocus.com;
> arian.evansanachronic.com
> Cc: Aman Raheja; Brokken, Allen P.; webappsecsecurityfocus.com
> Subject: Re: Open Source Application Vulnerability Assessment Tools
>
> Hello,
>
> This is a topic close to my heart at the moment as I am looking at
> creating a tool like this for my undergraduate Comp Sci degree here in
> the UK.
>
> I have two choices at the moment (all would be released as
> OSS if it works),
>
> ASP.net Static Code Analyzer for security weaknesses which I think
> could be a useful tool for developers to help educate and project
> their code.
>
> Black Box testing software, for Pen Testers to easily edit different
> parts of requests, forge their own valid requests, integrated browser,
> source code (html) live editor, profiler etc - very manual, but
> everything is nicely integrated and extendable.
>
>
> How can an attack be automated? I have saw applications which
> automatically try for SQL injection on all the fields, brute
> force/attack authentication. But its very much, separate apps for
> separate attacks (or so I have found).
>
> What would a prefect application do?
>
> Anyone got an suggestions on my ideas?
>
> Thanks for your time
>
> Ben
>
> On 01/10/06, Arian J. Evans <arian.evansanachronic.com> wrote:
> > The lack of info is because, in this domain,
> > there really isn't anything in the "automated
> > web app scanner" domain worth using.
> >
> > For manual testing, there are a ton of tools.
> >
> > Undertaking the creation of one is challenging.
> >
> > The variables are certainly far, far higher
> > than harnessing a scripted testing engine
> > and regex matcher to a port scanner/protocol
> > fingerprinter, a'la Nessus.
> >
> > This is a much harder problem, more variables,
> > and not many folks do a good job at it. (These
> > are smart folks too, but it's a hard problem).
> >
> > </free_lunch>
> >
> > -ae
> >
> > > -----Original Message-----
> > > From: listbouncesecurityfocus.com
> > > [mailto:listbouncesecurityfocus.com] On Behalf Of Aman Raheja
> > > Sent: Thursday, September 28, 2006 4:01 PM
> > > To: Brokken, Allen P.; webappsecsecurityfocus.com
> > > Subject: Re: Open Source Application Vulnerability
> Assessment Tools
> > >
> > > Some tools are listed here
> > >
> > > http://sectools.org/web-scanners.html
> > >
> > > Aman Raheja, CISSP
> > > PGP Key: www.techquotes.com/araheja.asc
> > >
> > >
> > > On Wed, 27 Sep 2006 14:40:19 -0500, "Brokken, Allen P."
> > > <BrokkenAmissouri.edu> wrote :
> > >
> > > >
> > > > On this list we talk a lot about various vendor provided
> > > tools quite a
> > > > bit. In general it appears most solutions are
> > > Windows-centric in their
> > > > installation even if they work against multiple platforms.
> > > >
> > > > With the prevalence of LAMP systems I would figure there
> > > must be some
> > > > means of doing a security assessment on their applications
> > > with native
> > > > tools. It seems odd to me that there isn't a NESSUS
> equivalent for
> > > > application testing. I'm wondering what is available
> from the Open
> > > > Source community in the way of
> > > >
> > > > * Black Box web assessment software
> > > > * Source code assessment software
> > > > * Assessment management software
> > > >
> > > > I'm more looking for names/urls to projects than I am for any
> > > > comparisons or descriptions.
> > > >
> > > > Allen Brokken
> > > >
> > > > Information Security and Account Management - IAT Services
> > > - University
> > > > of Missouri -brokkenamissouri.edu - (573)884-8708
> > > >
> > > >
> > > >
> > > --------------------------------------------------------------
> > > -----------
> > > > Sponsored by: Watchfire
> > > >
> > > > It's been reported that 75% of websites are vulnerable to
> > > attack. That's
> > > > because hackers know to exploit weaknesses in web applications.
> > > > Traditional approaches to securing these assets no longer
> > > apply. Download
> > > > the "Addressing Challenges in Application Security"
> > > whitepaper today, and
> > > > see for yourself.
> > > >
> > > >
> > > https://www.watchfire.com/securearea/whitepapers.aspx?id=70150
> > > 0000008Vmw
> > > >
> > > --------------------------------------------------------------
> > > ------------
> > > >
> > > >
> > > >
> > > >
> > >
> > > --------------------------------------------------------------
> > > -----------
> > > Sponsored by: Watchfire
> > >
> > > It's been reported that 75% of websites are vulnerable to
> > > attack. That's
> > > because hackers know to exploit weaknesses in web applications.
> > > Traditional approaches to securing these assets no longer
> > > apply. Download
> > > the "Addressing Challenges in Application Security"
> > > whitepaper today, and
> > > see for yourself.
> > >
> > > https://www.watchfire.com/securearea/whitepapers.aspx?id=70150
> > > 0000008Vmw
> > > --------------------------------------------------------------
> > > ------------
> >
> >
> >
> --------------------------------------------------------------
> -----------
> > Sponsored by: Watchfire
> >
> > It's been reported that 75% of websites are vulnerable to
> attack. That's
> > because hackers know to exploit weaknesses in web applications.
> > Traditional approaches to securing these assets no longer
> apply. Download
> > the "Addressing Challenges in Application Security"
> whitepaper today, and
> > see for yourself.
> >
> >
> https://www.watchfire.com/securearea/whitepapers.aspx?id=70150
> 0000008Vmw
> >
> --------------------------------------------------------------
> ------------
> >
> >
-------------------------------------------------------------------------
Sponsored by: Watchfire
Today's hackers exploit web applications to expose, embarrass and even
steal. Firewalls and SSL may be commonplace but recent studies indicate 3
out of 4 websites remain vulnerable to attack. Watchfire's "Addressing
Challenges in Application Security" whitepaper explains what to do and
provides a guideline to improving your own application security.
Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmw
--------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]