[Owasp-delhi] Session Related Issue
s.parmendra at gmail.com
Mon Feb 16 22:26:48 EST 2009
Dear OWASP Members,
Please put some light on the following points:
-> While scanning a website using a tool to find out the possible
vulnerabilities...what happens if the Session Time is short for an
application. To overcome this problem should we increase the number of
threads used by the scanner for faster scanning......but it will also
increase the load on the server.
-> While using some Authentication testing tools such as Web Brute
(Webinspect), Brutus .....How does these tools works with an application
having a short Session timeout as cracking passwords took a lot of time
depending upon the strength of the password.
Thanks and Regards:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Information Technology
Government of India
6 C.G.O Complex
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-delhi