testing4 SSLyze v0.4 Released SSLyzeBetter, faster scanner to analyze the configuration of SSL servers.Supports cipher suites scanning, insecure renegotiation verification, session resumption testing, client certificates, and more...Tested on Python 2.6 & 2.7 with Ubuntu and Windows 7, both 32 and 64 bits. Might work on other platforms as well.Based on OpenSSL and a custom SSL Python wrapper.Contact: sslyze /at/ isecpartners.. 2012. 3. 27. Testing Snort IDS with Metasploit vSploit Modules One of my key objectives for developing the new vSploit modules was to test network devices such as Snort. Snort or Sourcefire enterprise products are widely deployed in enterprises, so Snort can safely be considered the de-facto standard when it comes to intrusion detection systems (IDS). So much that even third-party intrusion detection systems often import Snort rules. Organizations are often.. 2011. 7. 11. Testing for Directory Traversal Black Box testing and example (a) Input Vectors Enumeration In order to determine which part of the application is vulnerable to input validation bypassing, the tester needs to enumerate all parts of the application which accept content from the user. This also includes HTTP GET and POST queries and common options like file uploads and HTML forms. Here are some examples of the checks to be perfo.. 2010. 6. 1. 웹 어플리케이션 보안 취약점 테스트 WebScarab Developed by the Open Web Application Security Project (OWASP), WebScarab is first and foremost a proxy used to analyze browser requests and server replies. In addition to serving as a tool for packet analysis, you can use it to "fuzz" sites, looking for some of the same exploits mentioned above. To use WebScarab, you first configure proxy settings in your Web browser. For Mozilla Fire.. 2009. 10. 30. 이전 1 다음
