Comments on: Web Application Penetration Testing… my tools of the trade http://www.samurainet.org/blog/2008/05/12/web-application-penetration-testing-my-tools-of-the-trade/ "If you cut me, I bleed binary" Tue, 06 Jan 2009 22:03:25 +0000 http://wordpress.org/?v=2.5 By: SuperCherry http://www.samurainet.org/blog/2008/05/12/web-application-penetration-testing-my-tools-of-the-trade/#comment-185 SuperCherry Fri, 11 Jul 2008 13:10:10 +0000 http://www.samurainet.org/blog/?p=17#comment-185 Nice collection but, if someone is doing web app testing wont use map (not that it wont give interesting information) because are running tests on the 7th layer. To do proper Web server banner scanning you can use httpPrint, or Wikto (Wikto is using HttpPrint and HttpTrack to identify and clone the site for further analysis). Something similar to nmap is hmap (not the best tool, but it is open source and someone can learn from it). Guy have a look at http://blog.kassaras.com. PS: Nice post... Nice collection but, if someone is doing web app testing wont use map (not that it wont give interesting information) because are running tests on the 7th
layer. To do proper Web server banner scanning you can use httpPrint, or Wikto (Wikto is using HttpPrint and HttpTrack to identify and clone the site for further analysis).

Something similar to nmap is hmap (not the best tool, but it is open source and someone can learn from it). Guy have a look at http://blog.kassaras.com.

PS: Nice post…

]]> By: jdmurray http://www.samurainet.org/blog/2008/05/12/web-application-penetration-testing-my-tools-of-the-trade/#comment-26 jdmurray Sun, 18 May 2008 16:19:47 +0000 http://www.samurainet.org/blog/?p=17#comment-26 I noticed your reply on Linkedin with the URL of this article. Email me an invite. I noticed your reply on Linkedin with the URL of this article. Email me an invite.

]]> By: Richo http://www.samurainet.org/blog/2008/05/12/web-application-penetration-testing-my-tools-of-the-trade/#comment-10 Richo Tue, 13 May 2008 07:01:17 +0000 http://www.samurainet.org/blog/?p=17#comment-10 V. nice. I might go see how many of these are all good for FF3 V. nice.
I might go see how many of these are all good for FF3

]]> By: Darkfox http://www.samurainet.org/blog/2008/05/12/web-application-penetration-testing-my-tools-of-the-trade/#comment-9 Darkfox Tue, 13 May 2008 01:03:50 +0000 http://www.samurainet.org/blog/?p=17#comment-9 very good read, and very helpful. you go into good detail with programs, which seem to be very useful. -Foxie- very good read, and very helpful. you go into good detail with programs, which seem to be very useful.
-Foxie-

]]>