Web Pen Testing Recommendations - Tools & External Contractor Recommendations [closed] - security

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 8 years ago.
I'm not sure if this is even an appropriate question for SO but I'll go ahead anyway as I'm not sure.
I've been looking at Pen Testing tools for my current project and have found a number of them but ultimately there is no getting away from taking this seriously and looking to a professional organisation or individual that specialises in performing this kind of work.
The reason for looking for tools is simply to enable me to pick off the low hanging fruit before initiating a full pen testing cycle. This should also hopefully make that process cheaper as I will hopefully have addressed all the obvious vulnerabilities.
Tools & Resources
BurpSuite
IBM AppScan
nmap.org
Nikto
Organisation & Individuals
I'm wondering if there are any resources out there that rate and review organisations performing these tasks? Are there any organisations that you could recommend that you have used previously with good results?

#Jammer, I am not sure if there exists such a rating as you are looking for. My personal view would be: make a study of your requirements, whether you are looking for a certification, for compliance, or just trying to increase security. Based on these criteria, you can look at the pentesting organisations and evaluate them on your own. This link may help:
http://www.ivizsecurity.com/blog/penetration-testing/how-to-choose-penetration-testing-companies/
Anyway, there is always a trade-off between choosing third-party vendors or owning your own security team. You can go for third-party consultation and then have your own in-house security-educated QA team.
Hope this helps.

I am afraid some of the tools you listed are not comparable.
Burp is a proxy-scanner tool. You can intercept the traffic with Burp and manipulate the request before sending it to the server. The Pro version has a scanner for the specific requests you send to it.
Nikto and AppScan are automated scanners. At the end, you need to eliminate false positives, and you might also have false negative results.
nmap is a powerful tool for networking stuff such as port scanning and FTP-, SNMP-, etc. related searches using its scripting engine.
Additionally, using automated tools will not reduce your penetration testing costs, because in any case you should take a penetration testing service before making your app public.
Reducing security costs is not a good idea; instead, it is better to hire developers who have a secure coding background or to apply a secure development lifecycle to your development environment.
If you have any other questions, please shoot.

Related

Is there an Amazon webstore API for customers? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 days ago.
I am working on a personal expense tracking application and would like to retrieve a list of orders made by a customer (me) on amazon.com.
The Amazon MWS API is described as follows:
Amazon Marketplace Web Service (MWS) is an integrated web service API that allows Amazon sellers to programmatically exchange data on orders, payments, reports, and more.
That is clearly meant for use by sellers, not by customers. Is there any way I could retrieve that information, without having to rely on browser automation?
You will probably have to build a crawler to log into your account, browse your order history and parse the pages.
As far as finding official word on the availability of such a feature, nothing suggests there is such a thing as a customer API and rarely do people offer a list of services they don't provide. Amazon might simply consider this being too much of a fringe case to bother having one.
While it happens that certain features are simply under-documented, more often than not the absence of documentation is simply the reflection of the absence of the feature itself. And it's notoriously difficult to prove a negative. Therefore we can only reach for the most obvious answer, that there is no such thing.
A crawler is certainly less efficient than a dedicated API and prone to break on page design changes, but it is still better than nothing.

Is Web Application Firewall useful? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Closed 9 years ago.
Recently, my brother suggested that I use mod_security. I did some research on what it truly is and what it does, but I feel very uneasy deciding whether I should use it or not. Here is what is in my mind that keeps me from using it.
It slightly affects my website performance. The more rules, the slower it will get.
It does not completely filter all the attacks (this is understandable, because it is not possible for any software to truly protect against everything).
Sometimes, it can block innocent users.
Adding another piece of software means adding another responsibility to maintain it.
Now the real question is:
If mod_security cannot filter everything, and you still need to make sure your web application is secure, why not properly write a secure web application without running any Web Application Firewall?
Since it is our web application, we know better than any 3rd-party software what input to expect from users. Having 3rd-party software detect the attack and then writing input validation in our web application is like a double-check (while it is good, the performance cost would be double as well).
In the scenario you describe, where you have a custom application written by developers who care about security, I agree that WAFs offer nugatory value as an intrusion prevention system.
The idea that WAFs are effective in automatically protecting unknown web apps is industry marketing spin of the worst kind. They provide exceedingly poor performance (*) if not painstakingly configured to fit the application; unless you have a separate security team that has the resources to do that, it is typically indeed better to spend the resources on secure development.
(*: as in protection afforded vs. time and custom lost due to false positives; mod_security's core rules are IMO particularly troublesome.)
WAFs are, on the other hand, useful:
as temporary workarounds to allow you to protect legacy and third-party applications with specific known vulnerabilities until such time as they can be fixed or replaced;
configured as intrusion detection systems, raising alerts rather than blocking, where you have operational resources to follow up and potentially block attack sources.
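As an added illustration of the two uses the answer above describes (a narrow rule as a temporary workaround for a known issue in a legacy application, and running the WAF in alert-only mode), here is a ModSecurity 2.x configuration fragment for Apache. It is not from the question or the answers; the rule ids, the `/legacy/report` path, the `id` parameter and the log path are placeholders for this example.

```apache
# Run the rule engine in detection-only mode: every rule is still evaluated
# and logged, but nothing is blocked. This is the "raise alerts rather than
# blocking" deployment; flip to "On" only once the alerts have been reviewed.
SecRuleEngine DetectionOnly
SecRequestBodyAccess On

# Log only transactions that triggered a rule, so the audit log is what an
# operator actually has to follow up on.
SecAuditEngine RelevantOnly
SecAuditLog /var/log/apache2/modsec_audit.log   # placeholder path

# Temporary workaround for a known weakness in a legacy endpoint (placeholder):
# the report page must only ever receive a short numeric "id". The chained rule
# means the disruptive action fires only when BOTH conditions match, so the
# rule is scoped to that one path instead of the whole site.
SecRule REQUEST_URI "@beginsWith /legacy/report" \
    "id:100001,phase:2,chain,log,msg:'legacy report: non-numeric id parameter',deny,status:403"
    SecRule ARGS:id "!@rx ^[0-9]{1,10}$"

# Example of the tuning the answer says is unavoidable: if a generic rule from
# a rule set keeps firing on legitimate traffic for one application, disable
# it by id rather than loosening the whole engine.
# (100002 is a placeholder for the id of the noisy rule.)
SecRuleRemoveById 100002
```

With `SecRuleEngine DetectionOnly` the `deny` above only produces a log entry; the same file with `SecRuleEngine On` turns it into a real 403.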

simplest framework/platform for online store [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
I'm looking to set up a small site for a friend that has some widgets they want to sell online. I don't think I will have much time for maintenance once it goes live (for that matter, I don't expect I'll have much time for initial setup and configuration), and I am looking for something that is dead-simple for a non-technical user to maintain (financial/payment info, add/remove/change products).
The second most important part would be good integration with a payment provider. I'm not too fussy what language it's in if it meets my other criteria (if I don't know the language I will learn enough to get the site running).
Also important is that I'd prefer to stick to open-source products, mostly because I don't think this project will have much of a budget for high-end commercial products (at least not until it makes some sales).
The last time I did this sort of stuff we were building custom sites from scratch for clients with very specific needs. I do not have recent experience with the current generation of blogging tools (Wordpress, Joomla, etc...) and I don't really know which off-the-shelf combo of platforms and plugins are best to get something up and running in as little time as possible.
Hosting your own online store is a full-time occupation, no different from running your own brick-and-mortar store. Anything that accepts online payments will be targeted by criminals for online fraud.
If your business is selling widgets and not running online stores, I strongly, strongly suggest using a hosted service with its own web integration and payment handling. I know people who have used both Weebly and Etsy and who are happy with them.

Does anybody know what companies are currently using agile iconix process? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
Does anybody know what large companies are currently using the agile ICONIX process?
The only ones I know are the one I could find on the ICONIX Software Engineering corporate website:
Case studies: see how ESRI Professional Services, Virginia Department of Motor Vehicles, and Large Synoptic Survey Telescope are succeeding with ICONIX Process
I may be wrong, but to me the ICONIX methodology isn't really widely used and it looks more like a way to sell their Enterprise Architect product.
And personally, I never had big successes with too much UML centric approaches (à la MDA).
I like the process and used it well in several projects. I just want to give some of my thoughts on it:
ICONIX is based on domain-driven design. Domain comes first. This is fine; however, we need to be aware of boundary conditions. To put it simply, domain-driven design works for relatively complex projects. There may not be a domain model as a design pattern at all, since it may not be the best choice for every system.
ICONIX assumes sophisticated design. Not every project needs it and not every project has developers capable of absorbing it. There are tons of data-centric or purely data-manipulation applications out there.
No community, stale web site. I don't know of anybody who uses the process.

What tool would you use to find security holes in Google Chrome [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
I wish to know from SO security experts and hackers what kind of tools they would use to find a security hole in Chrome's armor, and using what programming and testing techniques?
I'm particularly interested in Open Source tools running on Linux.
Google announced on the Chrome Web Browser blog that they will pay US$500 for each security bug found. They plan to offer $1337 for major bugs.
Thanks and happy bounty hunting!
Just my opinion:
If you are not experienced in software, you had better exploit your skills doing some normal application/web app development rather than trying to get money from Google. After all, two days of a freelance developer is about $500.
Finding exploits is a difficult task and really requires huge knowledge of how computers work. There are many techniques to discover exploits, but almost none of them are automatic. If it were just a matter of using a tool, Google would have done it themselves.
After that, for some basic tools, you can try a fuzzing tool, but I'm not really sure how it would behave with a browser.
Couple of points
Read up about fuzzing
Read up about Assembly language
Obtain a fuzzer
Obtain a reverse engineering program / debugger (OllyDbg, IDA Pro)
Sorry I can't be more help, but I don't do a lot of fuzzing myself. But the points above should help you find overflows and whatnot in Chrome, if there are any.
Finding exploits like this can be very tricky. I can only imagine the testing Google would give their apps before releasing them, but good luck ;-D
