A couple of suggestions: (1) There's a video on w3af that was created as part of the OWASP CBT project: http://www.owasp.org/index.php/Category:OWASP_CBT_Project
Look for "W3AF - Security Scanning" There's also videos on the OWASP Top Ten which would probably be good for you as well. (2) For general Application Penetration knowledge, I'd also recommend the OWASP Testing Guide. It covers how to conduct a application security test, step-by-step. Its on the OWASP Wiki, there are .pdf and .doc downloads and you can even order them printed on demand if you want a fancy version: http://www.owasp.org/index.php/Category:OWASP_Testing_Project Best of luck. -- -- Matt Tesauro OWASP Live CD Project Lead http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project http://AppSecLive.org - Community and Download site On Mon, 2010-05-03 at 22:00 -0700, Alicia Danes wrote: > Hi everyone, > > My name is Jim and I am new to this mailing list and new to the W3af > Tool. > I also happen to be a Linux newbie, but I have been working to change > that, and recently go my feet wet with Backtrack 4. > I got interested in W3af ever since my site got hacked. It just so > happens that I woke up this morning to a second attack on my site. > > I wear many hats in my self-run little company and I need to get up to > speed on pen-testing and security quickly. So over the weekend I gave > W3af a try. The trouble is, how do I go about interpreting the > results? The output was readable enough and made sense in several > areas, but other areas left me scratching my head. Apologies if this > has been asked before, but are there some hidden or user-written > manuals (other than the official one by the W3af team that I have > read) that will help me learn to decipher and act upon the results > somewhat quickly. > > Thanks everyone! I look forward to learning more about the W3af tool > and its many uses! > > Best regards, > > Jim Danes > > > ______________________________________________________________________ > Hotmail & Messenger. Get them on your phone now. > ------------------------------------------------------------------------------ > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users ------------------------------------------------------------------------------ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
