(note - I've taken vuln-dev out of the CC-list, as this seems just the tiniest bit more suitable for pen-testers) > FYI, AppScan breaks/subverts web applications - there are > plenty of tools > to break web servers (apache/IIS), but it looks like appscan > is on it's own > on the test-the-bespoke-web-app front. I'm not a hundred percent sure if hailstorm has been considered, but have a look, or take an evaluation copy for a test drive at http://www.clicktosecure.com/products/index.html also, HSCs babelweb can possibly used for subverting web applications - the least it does is a good deal of enumeration: (from the web site) "Babelweb is a program which allows to automate tests on a HTTP server. It is able to follow the links and the HTTP redirect but it is programmed to remain on the original server. The main goal of babelweb is to obtain informations about a remote web server and to sort these informations. It is thus possible to draw up the list of the accessible pages, the cgi scripts met, the various files found like .zip, .pdf..." ..get it from here: http://www.hsc.fr/ressources/outils/babelweb/ As additional ideas, you may want to look into tools such as RFProxy[1], Achilles[2] or subweb[3] when breaking web apps; I found Achilles invaluable when needing on-the-fly substitution of authentication cookies for a web board, which in a fashion was a bit like breaking it. As 'web apps' seems to be pretty huge a field, breaking them might involve low-level stuff such as a spoofed IP, referrer or somesuch, or SQL injection, overly long input in forms, exploitation of site-design specific bugs (is the interface plain html w/ cgi? is it PHP? is the PHP possibly derived from a known buggy app?), so I estimate there's currently no tool remotely capable of emulating the brains of an experienced human web app breaker (for lack of a better word) good luck thomas --- [1] (not released yet? - not sure - see http://www.wiretrip.net/rfp) [2] http://www.digizen-security.com/projects.html [3] http://www.hsc.fr/ressources/outils/subweb/index.html.en ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Sep 25 2001 - 18:29:23 PDT