Web App Pentesting 2/2011

This text is available for purchase but you need to login or register first.
You can buy this for 10 USD
Please register for free account or subscribe and get access to all issues on this website!

Remember Me

active subscribers – to download this issue click on the cover of the magazine on the main website or scroll down this page and click the Download button
single issue buyers – after paying for this issue click “Web App Pentesting 2/2011 ” (which will show just above that text)to download your copy of the magazine

WebAppPentesting 2/2011


Web Application Security for Newbies part 1
By Herman Stevens
Herman introduces us to the world of hacking and web appliaction security. He shows us his own biography as a hacker and professional, as he mention: „Let’s face it: hackers like to take things apart to see how they work and find it challenging to find other, completely different uses other than their intended purpose”. What are his first conclusions, and what he recomends for newbies you will know reading this briliant article.


Web Session Management – reality is a nightmare!
By Rishi Narang
Session Management is fundamentally a process of keeping track of a user’s activity across multiple connections or interactions with the machine. Rishi Narang shows checklist of precautions for developers to follow as a benchmark option for web applications. He claims that: „A pentester can keep such a checklist as a benchmark option for web applications, but remember: the checklist alone is not enough. It is always necessary and expected from a pentester to be effective in impromptu situations and bring something out of the box”.

A chance to ease automated Web Site testing.
By Marek Zachara
„Testing a web application is a tedious task. Also, the requirements for a perfect tester are almost impossible to meet. Such person should be thorough, resistant to boredom of numerous repetitions and yet creative to invent new testing scenarios” maintains author. Software in general, and web applications in particular are constantly growing in size and complexity. It seems that a general trend in software is to increasingly utilize heuristics, AI, fuzzy logic and similar methods, so a strict control on the software behavior is being sacrificed for the benefit of functionality, easier development and new areas of use.


Passwords considered harmful, yesterday.
By Neil Matatall
Neil Matatall begins his article with the statement that: “Security is one of the hottest topics today in both technology and everyday life”. Isn’t it? Traditionally, passwords are the weakest link in the security program. Passwords are a problem. Today where passwords are used in more situations than ever.The safe passwords are one of the most important things in protection of our bank accounts, e-mails or even social media activities. What you should know about all aspects of the passwords protection you can find in this article.

Cyber War
Cyber Security War – ofensive vs defensive
By Jatin Jain
When we talk about “IT” industry we cannot ignored web threats or other related application and protection of defense technology is also challenging, the number of vulnerabilities being discovered in applications is far greater than the number of vulnerabilities discovered in networks – notes author. More exploitation attempts are recorded on application programs. Various attacks from the web have become the biggest challenge and problem for the cyber security and it’s also becoming a worse day by day as new attacks or “0”day comes in the market of hacking. Is Cyber Security War a real danger you will know after reading this article.

Preservation and hacking
Web Application Security – Preservation and Hacking
By Priyanka Tomar
Are you sure that your web application is protected against cyber attacks? Is it possible for an attacker to get unauthorized access of your web application? Priyanka Tomar is trying to give us answers to this questions. As she says: I would like to focus on some of the major issues which need to be fixed while programming. Nowadays lots of automatic security audit tools are available in the market so it is better to use those tools however manual testing is a must for better and improved security. Is Secure Workstation the answer for the cyber attakcs? You will find the answer in this article.

E-banking ghosts
by Sebastien Bischof and Jean-Marc Bost
A TV show on the Swiss german TV channel SF1 followed a team from ETH who conducted a study on e-banking security. A few computer researchers from the renowned ETH polytechnicum in Zürich were challenged to evaluate the security measures in use on their e-banking sites. Result: they defeated all but one. The survivor (the “winner”) saved its reputation thanks to the systematic protection of every transaction in addition to the protection of the session. Authors are showing us risks of e-banking. Follow their article to know more.

Mike Brennan and Richard Stiennon “Cyber Styletto”
We would like to introduce our dear readers to Prologue and 1st Chapter of the new novel written by Mike Brennan and Gian Detorre.
Super hacker Yvonne Tran, part of a secret government agency called CyberCom, is brought in to investigate a malicious network attack that caused the deaths of eight innocent people. She and her team follow the trail to Hong Kong and Afghanistan, and they must pinpoint the source before the next attack, which has the potential to kill hundreds of US citizens.

WAPT 2/2011 TeaserWAPT 2/2011 Teaser - PenTest Teaser
WAPT 2/2011 Teaser

Follow the steps below to download the magazine:
  1. Register, accept the Disclaimer and choose subscription option.
    By choosing the Free Account option you will only be able to download the teaser of each issue.
  2. Verify your account using the verification link sent to your email address.
  3. Check the password sent on your email address and use it to log in.
  4. Click the download button to get the issue.

IMPORTANT: the registration on the website includes subscription to our newsletter.

Comments are closed.