[Owasp-delhi] Session Related Issue

Parmendra Sharma s.parmendra at gmail.com
Mon Feb 16 22:26:48 EST 2009

Dear OWASP Members,

Please put some light on the following points:

-> While scanning a website using a tool to find out the possible
vulnerabilities...what happens if the Session Time is short for an
application. To overcome this problem should we increase the number of
threads used by the scanner for faster scanning......but it will also
increase the load on the server.

-> While using some Authentication testing tools such as Web Brute
(Webinspect), Brutus .....How does these tools works with an application
having a short Session timeout as cracking passwords took a lot of time
depending upon the strength of the password.

Thanks and Regards:

Parmendra Sharma
Indian Computer Emergency Response Team (CERT-In)
Ministry of Information Technology
Government of India
6 C.G.O Complex
Lodhi Road
New Delhi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090217/91b9a276/attachment.html 

More information about the Owasp-delhi mailing list