security (16)


Zed Attack Proxy

The Open Web Application Security Project (OWASP) is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.




Directory Buster

Another great security tool from the Open Web Application Security Project. Aside from the worrying spelling in a lot of these open source projects (“Responce”??), this is a little gem for identifying hidden pages and directories within a web application, which highlights possible security holes (an emailer script in an unused page, for example). This can be used safely, as the tool will not exploit anything it finds; it just finds other possible attack vectors that are not immediately obvious.




Skipfish

Now onto another command-line-based security testing tool called Skipfish. You can download and compile the source, or install the package with yum (yum install skipfish).

Now navigate to the directory where you want the results output directory to be created (or you can enter a specific path in the command string). The Skipfish help page gives you many examples to try, but the first suggested usage is:

./skipfish -o <enter desired results output directory name> http://www.example.com/some/starting/path/

Despite the command line being off-putting to most, it is quick and easy, and generates some good reports. Click on the thumbnail to see the output produced by the above command line string.




Zap Website Security Testing

OWASP ZAP is a useful website security testing tool that any web-savvy tester could use effectively. Apart from the annoyingly vague setup (ensure your first task is to set up your browser to use the same proxy as defined in ZAP), there are useful tools that you can start at a click. I ran the “Active Scan” option, just to see what this could do out of the box. I would recommend “Passive Scan” really, as this is far safer to use (remember to try and use this tool only on test sites, as it does have the potential to crash websites).

Active scanning attempts to find potential vulnerabilities by using known attacks against the selected targets.

Impressive – firstly, I was surprised by how much of a site directory is viewable – when using CMSs like Drupal or WordPress, a lot of assumptions are made as to security. The number of updates to these CMSs purely on security issues should highlight the need to keep a handle on your website security in general. Click more to view the reports I generated, as they will illustrate what this tool is capable of.




TamperData

Oh, I like this – a great tool for any web tester, and a better alternative to using cURL to manipulate POST/GET HTTP data. TamperData is a Firefox extension to track and modify HTTP/HTTPS requests. It is ideal for checking common, more lightweight security issues, which are important to consider, given the number of amateur hackers and the software available to them. As an aside, if you want a serious stab at (snigger!) penetration testing, try the BackTrack Linux distro. Use a few tools on this and, believe me, you will never do anything that requires security across a wireless network.