Penetration Testing Web Application
Hi, i need to do a penetration test for a web application. I was wonder who would be the best company to ask to perform such a test?
Any recommendations?
I am based in Melbourne..
Any recommendations?
I am based in Melbourne..
bbao
what kind of web application? what kind of penetration tests? why not DIY?
Try Arachni. I am using it myself and so far it is good to use.
ASKER
the web application is a portal with access to our database so i need to make sure that everything front facing has been coded ok. I heard the DIY tests are not that good unless you really know what you are looking for? Is that correct?
ZAP provides automated scanners as well as various tools that allow you the cyber pro to discover security vulnerabilities manually.
Check https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
For more information about WEB APP PENT TEST join cybrary
https://www.cybrary.it/course/web-application-pen-testing/
Check https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
For more information about WEB APP PENT TEST join cybrary
https://www.cybrary.it/course/web-application-pen-testing/
Not to confuse ZAP with the Melbourne based ZAP Computers - they are more BI consultants. Assuming the "Melbourne" you refer to is the capital of Victoria Australia ;)
And I tend to agree that it is sometimes better / easier to get a consulting firm involved for this type of thing. Not sure of Melbourne based firms, but have recommended SecureWorks (Sydney head office) : https://www.secureworks.com.au/capabilities/security-risk-consulting/network-security/penetration-testing and there is an office in Melbourne for https://www.senseofsecurity.com.au/consulting/penetration-testing but don't know them...
There is a good site for testing help : http://www.softwaretestinghelp.com/penetration-testing-tools/ and if you click on the first link it takes you into penetration testing complete guide and well worth reading. Even has some ads for local testing companies.
Good luck and let us know how you go and what you have found (in terms of resources).
Cheers,
Mark
And I tend to agree that it is sometimes better / easier to get a consulting firm involved for this type of thing. Not sure of Melbourne based firms, but have recommended SecureWorks (Sydney head office) : https://www.secureworks.com.au/capabilities/security-risk-consulting/network-security/penetration-testing and there is an office in Melbourne for https://www.senseofsecurity.com.au/consulting/penetration-testing but don't know them...
There is a good site for testing help : http://www.softwaretestinghelp.com/penetration-testing-tools/ and if you click on the first link it takes you into penetration testing complete guide and well worth reading. Even has some ads for local testing companies.
Good luck and let us know how you go and what you have found (in terms of resources).
Cheers,
Mark
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.