From Security Weekly Wiki
[http://engineeringforfun.com/browserrider.html Browser Rider] - [John Strand] - Sure, BeEF is cool. But competition is even better. We will be taking a quick look at a tool that does many of Wade's cool BeEF tricks and comes with some new tricks of its own.
[pauldotcom.com/viewtopic.php?id=153 All I want for Christmas is....] - [Paul] - I now present to you, the PaulDotCom Listener Christmas list:
* [http://www.fit-pc.com/new/ Fit-PC Slim]
[pauldotcom.com/viewtopic.php?id=163 Web App Testing Tools Question] - [Paul] - Thoughts on this one? For Windows, use Cygwin and whip up a Perl script if you need to, or use ActivePerl. To test web apps, you may need to do this. Java applications are just like any other, so test them for XSS and SQL injection just as you would a PHP app, at least to start. Use BeEF to break into the clients; XSS doesn't help you break into the server unless you hook the sysadmin's browser. - John (Strand) has a nice video on BeEF that is hosted by Irongeek. It can be found [http://www.irongeek.com/i.php?page=videos/beef-browser-exploitation-framework here].
:'''Links to SQL Injection automation tools''' ''(that run on Windows):''