Fuzzing is when random data is thrown at a web application to see what happens next. A security fuzzer is a tool designed to provide random data (fuzz testing) to an application and record the application's reaction. In the context of web application testing, fuzzing means testing especially for buffer overflows, parameter validation […]
Category: Vulnerability scanning
What are some web application vulnerability assessment tools and frameworks?
Vulnerability scanners can help you automate security auditing and can play a crucial part in your IT security. They can scan your network and websites for up to thousands of different security risks, producing a prioritized list of those you should patch, describing the vulnerabilities, and giving steps on how to remediate them. Some can […]
What is Nikto2?
Nikto is an Open Source (GPL) web server scanner which can check for more than 6,700 potentially dangerous files or programs, for outdated versions of more than 1,250 servers, and for version-specific issues on more than 270 servers. Additionally, it will look at server configuration concerns such as multiple index files and various HTTP server […]
What can you tell me about QualysGuard?
QualysGuard is a vulnerability management scanner that provides vulnerability management solutions as web-based applications. Designed by Qualys Inc., it’s available on demand. It helps users by analyzing their vulnerability status. QualysGuard rates vulnerabilities at five severity levels, with 5 being the most critical. This helps users prioritize their work and focus […]
What is vulnerability scanning, and what service does it provide to an organization? What does a vulnerability scan look for?
Vulnerability scanning checks systems for weaknesses in an application, computer or network. This is of benefit to organizations because it enables them to identify risks before they can be exploited by viruses, trojans and other attacks or exploits. A network scanner will first look for active IP addresses, open ports, operating systems and any applications […]