Open-AudIT
https://www.open-audit.org/phpBB3/

Testing (security, vulnerability, penetration)
https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=5785
Page 1 of 1

Author:  Mark [ Tue Oct 25, 2011 1:26 pm ]
Post subject:  Testing (security, vulnerability, penetration)

I want OAv2 tested for vulnerabilities & penetration (security) issue's.
Is anyone aware of anything that can do this (preferrably for free)?
I know most places pay for an external company to perform the test(s), but this isn't an option for OAv2 (and me).

Any thought's you have or help you can provide would be most appreciated.

PS - I'm not ready to perform the complete full test yet (on beta4), but will be needing something soon...

Author:  jpa [ Tue Oct 25, 2011 3:12 pm ]
Post subject:  Re: Testing (security, vulnerability, penetration)

Forgive my naïveté but is such a thing even possible? I'm sure there are plenty of frameworks for automating the penetration testing process but someone still needs to create the tests. It would seem the massive number of XSS attacks on all maner of well known and well funded sites is testament to how hard it is to get security right. I think to do that you need to start with security in mind from the beginning.

Wikipedia (I know) led me [url=http://blog.skeptikal.org/2010/03/website-security-seals-smackdown.html]here[/url]. Again, I don't really know what I'm talking about so disregard if someone else finds the magic bullet solution.

Author:  Avastor0 [ Fri Dec 09, 2011 6:40 pm ]
Post subject:  Re: Testing (security, vulnerability, penetration)

An old Version of Nessus maybe? I remember Version 3 being Open-Source if im not mistaken

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/