Gaurav, we have been sharing lots of tools, tutorials on this subject. However, please find below the details as requested all these to be in open source:
Active Application Security Testing Tools: [Preferred way of testing; when the applications are in pre production environments] http://w3af.sourceforge.net/ http://code.google.com/p/skipfish/ http://www.websecurify.com/ http://www.ict-romulus.eu/web/wapiti/home Passive Application Security Testing Tools: [Preferred way of testing; when the applications are in production environments or hosted under cloud infrastructure] http://websecuritytool.codeplex.com/ http://code.google.com/p/ratproxy/ You may also refer few of our discussion posts dedicated on tool wrt Web applications security or web services. Thanks! Regards Sandeep Thakur -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
