Tag Archives: PenTest

Installing / Using W3af

Background W3af is a vulnerability scanner for web applications. Arbitrarily scanning random webpages / sites without permission from the site owners could get you a visit from law enforcement of the cyber type (FBI in the US). I recently had … Continue reading

Posted in Pentesting | Tagged , , , | Leave a comment

Pentesting: Day 1

Occasionally I get the opportunity to do something interesting, and today was one of those days. As part of a customer engagement, we are scanning parts of their public interfaces for vulnerabilities. We are stopping short of actual pen-testing, but … Continue reading

Posted in Pentesting | Tagged , , | Leave a comment