tailieunhanh - Ethical hacking and countermeasures - phần 17

Tham khảo tài liệu 'ethical hacking and countermeasures - phần 17', công nghệ thông tin, an ninh - bảo mật phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả | Ethical Hacking and Countermeasures Version 6 Module XVII Web Application Vulnerabilities TM c EH Scenario Certified Ethical Hacker Kimberly a web application developer works for a bank XBankfu. Recently XBank4u introduced a new service called Mortgage Application Service . Kimberly was assigned the task of creating the application which supported the new service. She finds ShrinkWarp an ASP based application on the Internet. The application suited perfectly for her development. She negotiates the price with the vendor and purchases the software for the firm. She was successful in implementing the project in time. XBank4u was ready to serve its customers online for the new service using the application that Kimberly had designed. A week later XBank4u website was defaced Was Kimberly s decision to purchase the application justified Is it safe to trust a third party application Copyright by Ec-Council All Rights Reserved. Reproduction is Strictly Prohibited EC-Council IM c E H News Certified Ethical Hacker Posted 2008 01 21 Web application hacking Inside the mind of an attacker There s a tried and true method for seeking out the maximum number of vulnerabilities possible when testing your Web applications for security flaws. No It s not a high-end Web application vulnerability scanner but rather a free technique that you can improve over time. You may not learn the methods overnight but once you do It s virtually guaranteed to take your Web vulnerability testing to the next level. It s stepping into the mindset of a malicious attacker and delving in to see v hat else in tile Web application can be exploited. Many people refer to this approach as penetration testing but it s actually more than that. Technically speaking it s called ethical hacking. This term always generates a few giggles but It s indeed a valid form of security testing. The thing IS you ll find that by looking at your Web appEcations from the dark side you ll uncover and exploit weaknesses that .

TỪ KHÓA LIÊN QUAN