#1 Netsparker is a nice security testing tool http://www.mavitunasecurity.com/communityedition/
<http://www.mavitunasecurity.com/communityedition/>Be warned to run this only against your own sites, otherwise you will get some surprises (not that I made this experience ;-| ) and make sure to read this http://www.mavitunasecurity.com/blog/before-using-netsparker/ #2 Regarding checklist, here is a top 10 http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project <http://www.mavitunasecurity.com/blog/before-using-netsparker/> .peter.gfader. http://blog.gfader.com On Tue, Mar 15, 2011 at 7:03 PM, Chris Walsh <[email protected]> wrote: > Isn't there an MSFT tool that you can use? I remember hearing something at > teched 2010. > > Sent from my Windows Phone > > -----Original Message----- > From: Rob Andrew > Sent: Tuesday, 15 March 2011 18:48 > To: 'ozDotNet' > Subject: RE: External Security testing of websites > > > On a related note, does anyone have a cheatsheet/checklist of common web > checks to perform with respect to securing a website against common > attacks? > > Thanks > Rob > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Simon Haigh > Sent: Tuesday, 15 March 2011 4:04 PM > To: ozDotNet > Subject: OT: External Security testing of websites > > How do people get their websites tested by 3rd party security firms > without publishing them to a live environment and running the risk of > the site being hacked and/or internal networks being compromised. > > Do people have a 2nd 'sandbox' environment which is totally isolated > (airgapped) from your main business networks or do you just take the > risk. > > Thanks > Simon > > On 3/15/11, mike smith <[email protected]> wrote: > > On Tue, Mar 15, 2011 at 3:12 PM, David Connors <[email protected]> wrote: > >> [Window Title] > >> Windows Internet Explorer 9 > >> [Main Instruction] > >> Internet Explorer 9 is now installed > >> [Content] > >> Some Internet Explorer files were in use during setup. Restart your > >> computer > >> to use Internet Explorer 9. > >> [Restart now] [Restart later] > >> Fail. > > > > Yes, you still can't close IE completely... > > > > and > > > > > > http://www.itnews.com.au/News/251183,non-microsoft-hypervisors-miss-ie9-acce > leration.aspx > > > > VMware, and I don't know which others. > > > > > > -- > > Meski > > > > "Going to Starbucks for coffee is like going to prison for sex. Sure, > > you'll get it, but it's going to be rough" - Adam Hills > > > > -- > Sent from my mobile device > > -- .peter.gfader. http://blog.gfader.com/ http://twitter.com/peitor
