[nycphp-talk] Web app security scanners
Mitch Pirtle
mitch.pirtle at gmail.com
Sat Apr 22 13:22:21 EDT 2006
Just received a copy of "Penetration Tester's Open Source Toolkit"
from Syngress, and it looks like a great reference for everyone that
builds websites. A big, thick beastie, there seems to be a load of
reference on many different toolkits and plenty of language-based
discussion (c, perl, php, etc).
Might want to start there, if you want something with some heft to
keep you busy ;-)
IMHO the tools like nmap, nessus and ettercap are a great start, but
just that - a start. Getting an understanding of how these tools work,
and why they do what they do, is the real value. With that knowlege
you are then empowered to take a proactive approach.
-- Mitch
More information about the talk
mailing list