Yes, we have to test for the low hanging fruit where web application and webbrowser security testing is concerned. So I start to test with websecurify, a fuzzing tool xulrunning application testing tool for vulnerabilities.
Found this fine testing tool via GnuCitizen, you can download it from here for windows: http://websecurify.googlecode.com/files/Websecurify%200.3.exe
I will test with it thoroughly and report here to you all,
HI polonus,
but i cant enter google code so can you tell us what is going:“that is the message i recive”,i recive it each time i try to enter google codes.
"Forbidden
Your client does not have permission to get URL /files/Websecurify%200.3.exe from this server. (Client IP address: 82.xxx.xxx.xx)
You are accessing this page from a forbidden country."
i put xx instead of numbers
There is a way around this. Either go to the site as the official American google url or proxify it to evade the local ban.
You can also use plug-ins and extensions inside Websecurify, like hackbar etc.
thanks polonus,hacking is my passion"not enter others pc",and i know those methods but is thi legal or not ?for google and my country?
can i use those methods to enter?for google legal or not
can i use those methods to enter?for syria legal or not
You can only enter those url’s that are owned by you or test those sites for which you were given explicit permission to test. links: http://blog.websecurify.com/
So whenever there are webmasters here that own a website and have vulnerability problems and give us explicit permission to look at their site using websecurify then I think it is legit to use it in forecoming cases, however this could also be depending on what is outlined according to local law and regulations in your country of origin. If you have/own a website and use websecurify to test whether their is banner exposure or other security risks, I think it is OK. But you better inform about that yourself.
First use official sources like webpage security sites, anubis, wepawet etc.
Giving the link here for webmasters and security testers I assume is legit, that is what I have done.
You could also use fuzzbot extension into Firefox and then have no questions asked: https://addons.mozilla.org/en-US/firefox/addon/8736 (not available yet for Windows)
but you can use Fuzz on Windows in firefox - install here, my good friend, http://rdfa.digitalbazaar.com/fuzz/downloads/fuzz-windows-i386.xpi
Hi Friends,
I am a newbie in Web Security, for the purpose of vulnerability check I install Websecurify in my
linux Box(Fedora core 13). I now just forget how to run same , i think some command like
xulrunner, But I cannot remember it, Please give the command description of websecurify to
run same…
Hi Friends,
I find the way to test in web securify, now I need to check a page which need authentication(means simple login using username and password). Do I need
to do any thing special in such pages . please give a helping hand ASAP.