[Owasp-testing] Add new tools

Aung Khant aungkhant at yehg.net
Thu Sep 10 12:31:37 EDT 2009


Hi Kevin

I can't agree with you more.

I'm in no doubt that tools makes our life a lot easier in some situations
when
manual testing is our default arsenal.

As far as I'm concerned, such a tool project rarely interests folks
and they usually underestimate such.

One example is notable certification - CEH, which people have been saying
- a collection of tools and their usage.

Without tools, penetration testing will take a lot longer.
Without methodology, penetration testing won't be complete and perfect.

Should we start - OWASP Web Pentesting Tool Database Projects?

I think we should. There is no such Distro designed for thorough web
testing.
BackTrack lists just a few of web tools. Either does Samurai.
A big challenge is that we can't stick to one platform. Some tools are for
Windows [Can't run with wine].
Some for Linux. We have to use both.

Some may point to me sites like http://www.security-database.com/.
As far as I know, no single site is dedicated to app sec.


On Thu, Sep 10, 2009 at 9:45 PM, Kevin Horvath <kevin.horvath at gmail.com>wrote:

> Hello Aung,
>
> The guide is about the methodology and some tools are given as an
> example of what can be used but in no means is meant to be all
> encompasing.  To have a list of tools that would be useful in app
> testing could be a seperate project in itself that would need to be
> constantly updated.  Although I believe having a tool listing would be
> a nice project to have for all aspects of app testing i dont think
> that it should be part of this guide (IMHO).
>
> On Thu, Sep 10, 2009 at 11:06 AM, Aung Khant <aungkhant at yehg.net> wrote:
> > Hi Mat and List
> >
> > New web app test tools are developed from time to time.
> > Is it good to add new tools to the Guide wiki?
> >
> > Or does it  introduce over redundancy ?
> >
> > --
> > Best Regards
> > YGN Ethical Hacker Group
> > http://yehg.net
> >
> > _______________________________________________
> > Owasp-testing mailing list
> > Owasp-testing at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-testing
> >
> >
>



-- 
Best Regards
YGN Ethical Hacker Group
http://yehg.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-testing/attachments/20090910/28e6507a/attachment.html 


More information about the Owasp-testing mailing list