which tool for web application test?

Started by berghem, September 21, 2012, 07:57:31 PM


berghem

As the title says, which tool for white box analysis of web applications?
I saw IBM AppScan, but it is proprietary. Is there an open source tool?

ZEROF

Before I say use Google, what vulnerability do you want to find?

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*

ostendali

Let's ask in a polite way, Zerof ;)
berghem: your question is quite generic, maybe you want to ask which tool is the best one to test web application vulnerabilities?
In this case people can reply with their opinions here, with different comparisons. However, the sections "Audit -> Vulnerability Assessment -> Web application assessment" and "Audit -> Exploitation -> Web application exploitation" are the best place for what you are looking for.

You should also specify your question further (as our Zerof underlined): what kind of web application are we talking about? (CMS/joomla/wpress/etc)...

For generic web application, I'd say, ZAP for assessment and w3af for exploitation.

Hope this answers your question.

ZEROF

I'm sorry if I was rude, it wasn't my intention at all; it was a joke, in my way. Ostendali, thanks for making a point and giving a good response like always.

Cheers !


berghem

I'm looking for an open source application for code review, which can detect some vulnerabilities such as:
null pointer dereferences
quality of code
problem with dead code
no security crypto functions
sql injection
cross site scripting
....

This is for PHP, Java and .NET languages.

IBM AppScan does these things, but it is a proprietary tool.

joker__

Hi berghem.
I know that BackBox provides ZAP proxy for web application scanning. Although I think it could be difficult for a tool to detect all the vulnerabilities. Of course many tools may exist that check for the OWASP Top Ten (https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project), but they need your "help" ;) You'll have to test yourself, not simply give a website to an app to be examined.
I think you may try a different tool for each vulnerability you think it can be.
I suggest sqlmap for SQL injection.
I don't know about applications for XSS, even if good Firefox plugins (such as XSS-me) may do it pretty well.
For the other vulns, I think you are a bit confused: would you discover flaws in a "black box" (a website you want to test), or in a "white box", such as source code that you can review...?
joker__
http://piecesofsheets.wordpress.com/ [soon in english]


berghem

If I'm not mistaken, ZAP is a tool only for black box analysis and not for white box analysis.
If I have the source code of the application, I can do the white box analysis, but I didn't find a Linux tool for automatic scanning of the code, like IBM AppScan.

http://www-01.ibm.com/software/rational/products/appscan/source/

joker__

Quote from: berghem on September 26, 2012, 11:54:38 AM
If I'm not mistaken, ZAP is a tool only for black box analysis and not for white box analysis.

Yes, you're right. As far as I know, BackBox does not include white box analysis tools.
I did a short search on Google, "white box code analysis tools", and I found a nice tutorial: https://buildsecurityin.us-cert.gov/bsi/articles/best-practices/code/214-BSI.html
The OWASP project site talks about it too: https://www.owasp.org/index.php/Static_Code_Analysis . And OWASP does things pretty well.
If you look at the bottom of the second link, you may find your answer... tools :)

darwish

ZAP, w3af, Web Slayer, Burp Suite ...

To verify a specific vulnerability (XSS, SQL)... just hands! :)

Stolas

Quote from: darwish on September 27, 2012, 11:40:32 AM
just hands! :)

/* Troll-On */
Let me recommend brain usage besides your hands.
/* Troll-Off */
Whenever you think you can or can't, you're right.

darwish