Re: [pakgrid] Re: Penetration Testing Research

 

Dear Abid   Web application penetration testing is one of the most sought after and interesting fields of study. There are various avenues of attack against a web server:   1. The operating system being run the machine (FreeBSD, Linux, Windows...). Which interesting ports are open? Vulnerability scan of the operating system, etc.   2. Web server (Apache, IIS, etc.) running on top of the operating system. You may like to check for security flaws in the design and deployment flaws of a web server.   3. Web Application running on top of the web server. You may like to try SQL injection, X-site scripting, etc.   These are three basic avenues of attack / penetration in a web server. Each of these basic layers can further be exploited by various mechanisms. A lot of penetration testing tools in all these avenues are available. You may like to start with them and suggest improvements in the tools and security measures to patch security flaws you may discover.   -- Muhammad Farooq-i-Azam --- On Sun, 9/9/12, mhkhan111 <mhkhan111@yahoo.com> wrote: From: mhkhan111 <mhkhan111@yahoo.com> Subject: [pakgrid] Re: Penetration Testing Research To: pakgrid@yahoogroups.com Date: Sunday, September 9, 2012, 3:55 PM Dear Abid, I will recommend the OWASP project for your initial research findings regarding  web application security as they are providing basic guidelines and tools for web application security. You can refer to following web page for your thesis/project. https://www.owasp.org/index.php/OWASP_student_projects Best Regards, Muhammad Haseeb Sr. Executive IT/Advanced Analytics (PTML) --- In pakgrid@yahoogroups.com, Abid Shahzad <abidshahzad4u@...> wrote: > > Respected All > > I want to take Penetration Testing for Web Application as my MS CS thesis. > > I want to know this is it still significant or can someone help me in this regard? > > >   > regards > Abid Shahzad > Student: MS CS > AIOU Islamabad > ------------------------------------ Yahoo! Groups Links <*> To visit your group on the web, go to:     http://groups.yahoo.com/group/pakgrid/ <*> Your email settings:     Individual Email | Traditional <*> To change settings online go to:     http://groups.yahoo.com/group/pakgrid/join     (Yahoo! ID required) <*> To change settings via email:     pakgrid-digest@yahoogroups.com     pakgrid-fullfeatured@yahoogroups.com <*> To unsubscribe from this group, send an email to:     pakgrid-unsubscribe@yahoogroups.com <*> Your use of Yahoo! Groups is subject to:     http://docs.yahoo.com/info/terms/

__._,_.___

Reply to sender | Reply to group | Reply via web post | Start a New Topic

Messages in this topic (7)

Recent Activity:

• New Members 16

Visit Your Group

Switch to: Text-Only, Daily Digest • Unsubscribe • Terms of Use

.

__,_._,___