2006-04-11

OWASP & tools

I just had an application security awarness training, and it was quite enlightening. Of course Owasp was mentioned, with the top ten list of vulnerabilities, along with the webGoat webapp. but also tools like
  • fiddler: free win32 http proxy with scripting facilities, no ssl support and based on .net
  • charles: shareware http proxy in java with ssl suport
  • WebSleuth: an ie plugin to edit forms, suddenly hacking got so much simplier
Of course there are firefox plugins to achieve the same set of functionnalities.

1 comment:

johns said...

Your blogs are really good and interesting. It is very great and informative. I just had an application security awarness training, and it was quite enlightening. Of course Owasp was mentioned, with the top ten list of vulnerabilities, along with the webGoat webapp Sex Crime Lawyer. I got a lots of useful information in your blog. Keeps sharing more useful blogs..