[Owasp-delhi] Session ID analysis

suresh tiwary sureshtiwary at rediffmail.com
Tue Nov 2 04:24:00 EDT 2010


Dear All,



May we know the tools(open source, freeware and commercial tools) and scripts available for Session ID analysis in web applications. Which commercial tool is best for Session ID analysis ?



Many companies working in IT Security but do not perform Session ID analysis and so how do they conclude the risk analysis of Session ID during web application penetration testing & assessment ? Is the Session ID generated by .NET application/ framework safe enough. how about java web applications ? 



regards,

suresh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20101102/a8b6481b/attachment.html 


More information about the Owasp-delhi mailing list