Penetration Testing
Printed From: One Stop Testing
Category: Types Of Software Testing @ OneStopTesting
Forum Name: Security Testing @ OneStopTesting
Forum Discription: Discuss All that is need to be known about Security Testing, All Security Issues and its Tools.
URL: http://forum.onestoptesting.com/forum_posts.asp?TID=1181
Printed Date: 29Dec2024 at 6:39am
Topic: Penetration Testing
Posted By: Satvi
Subject: Penetration Testing
Date Posted: 02May2007 at 5:14am
Dear All,
i am currently testing an application( JSP with websphere&
AS400)with SSL. the security testing has been completed and now i am
incharge of hacking the system, try to penetrate the security system
and expose any vulnarable points if any.I am aware of some conventional
hacking methods like
1)Password cracking( assume the max password is 5 chars( alphanumeric), then there are totally 36 expo 5 possible combinations
2)
IP spoofing-I know this theoretically but not quite sure how i can try
this on my system .Are there any penetration test tools available?
3.specifying Url's like /.../.../abc.txt to get into the directory structure(unprotected)
4.Checking for encryption of username & password when a form is being sent etc.
Kindly let me know any more
|
|