srinivasulub1981

 Profile Answers by srinivasulub1981 Questions by srinivasulub1981

• Jul 31st, 2008

 

As per my knowledge below security methods needs to be verified in web testing.

·         Cross-site scripting                                                       

·         SQL Injection

·         Buffer overflows

·         Hidden fields

·         CGI parameters

·         Cookies

·         Forceful browsing

·         URL jumping

·         Automatic Form fillers

·         Known Attacks

·         Crawling

srinivasulub1981

 Profile Answers by srinivasulub1981 Questions by srinivasulub1981

• Jul 31st, 2008

 

And there are so many open source tools to test security vulnerabilities like paros, Acunetix.

Shilpa0901

 Profile Answers by Shilpa0901 

• Sep 13th, 2008

 

It is a type of testing in which one will concentrate on the following areas.
Authentication
Direct URL testing
Firewall leakage testing

Authentication: in this type of testing usually one will enter different combinations of usernames and passwords and check whether it is allowing only authorised users or not.

Direct URL: In this type of testing one will enter the direct URL's and try to access the unauthorised pages and check whether they are been accessed or not.

Firewall Leakage: In this type of testing one level of users try to access other level of user pages to check whether firewalls are working properly or not.

saja_mohd

 Profile Answers by saja_mohd 

• Mar 29th, 2009

 

Security Center, Team Viewer Connection, Internet,

saravanan123

 Profile Answers by saravanan123 

• Aug 8th, 2009

 

For security testing no toolis thereit shouldbe tested manualy but with the help os Load runner we can see howit will be

mathan_vel

 Profile Answers by mathan_vel Questions by mathan_vel

• Aug 11th, 2009

 

 “The Security tools suite provides a fully featured web security scanner, crawler, report analysis tool, as well as web security explanations, and an extensive database of security checks for all leading web server platforms. The all-in-one web security software lets the user scan for SANS Top 20 and OWASP Top 10 2004 vulnerabilities. Additionally, the new baseline security scanning feature automatically detects, reports & addresses outdated server software, closing up your web server even more to vulnerabilities and possible attacks.”

SANS: (Client-side Vulnerabilities in, Server-side Vulnerabilities in, Security Policy and Personnel, Application Abuse, Network Devices, Zero Day Attacks)


OWASP: (Input Validation, Access Control, Authentication and Session Management, Input Validation->Cross site scripting, Buffer Overflows, Input Validation->Injection,  Error Handling, Data Protection, Availability, Application Configuration Management
Infrastructure Configuration Management)