[Owasp-delhi] Session ID analysis
vaibhg at gmail.com
Wed Nov 3 03:55:59 EDT 2010
One good tool for session ID analysis is Owasp - Webscarab.
It can extract and plot session ID values over time in graphical format and
help inferring its randomness. You can even use Burp-Sequencer for indepth
analysis for the session IDs.
On Tue, Nov 2, 2010 at 1:54 PM, suresh tiwary
<sureshtiwary at rediffmail.com>wrote:
> Dear All,
> May we know the tools(open source, freeware and commercial tools) and
> scripts available for Session ID analysis in web applications. Which
> commercial tool is best for Session ID analysis ?
> Many companies working in IT Security but do not perform Session ID
> analysis and so how do they conclude the risk analysis of Session ID during
> web application penetration testing & assessment ? Is the Session ID
> generated by .NET application/ framework safe enough. how about java web
> applications ?
> <http://sigads.rediff.com/RealMedia/ads/click_nx.ads/www.rediffmail.com/[email protected]?>
> Owasp-delhi mailing list
> Owasp-delhi at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-delhi