canalicomputers
asked on
How to get a web application penetration test and vulnerability scan?
A client is asking for a web application penetration test and vulnerability scan before they commit to using a particular web application. Please advise where to go to for such tests and scans. Thanks.
If you don't know exactly what you're doing forget about trying to do it yourself, least of all with just generic code debug tools.
Hire a security consultant to perform the scan.
Hire a security consultant to perform the scan.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Your code should have NO depeciated code i.e using gets() vs fgets(), strncpy vs strcpy, (these are susceptible to buffer overloads)
use different ports and protocols addressed at the web app and see what happens..