From: Michael Cunningham (crayola@optonline.net)
Date: Thu Mar 18 2004 - 20:41:58 EST
Folks,
I am going to have to take on the task of testing software
applications my company produces as they roll through the
QA/UAT process for security concerns (can't hire anyone and software
to automate the testing seems to be very expensive). They are
mainly web based applications with a database backend, appworx jobs,
and some custom java and C programs. I am aware of how sql
injection, buffer overflows, cross site scripting, and other
security programming problems work, but I dont have a whole lot
of experience applying this knowledge to application testing.
Are there any training courses or documents/books you can
suggest that would help me learn the skills I need to
make this happen? Does anyone have a site that lists tools
(open source preferred) That I could use to help me test these
applications?
Thanks for any help you can offer,
Mike
-- Michael Cunningham (CISSP, SCNA, SCSA, CCSA) --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:50 EDT