Hi all,
Check out some more tools from foundstone esp cookiedigger with some nice clean features.
CookieDigger™
for download http://www.foundstone.com/resources/...okiedigger.zipCookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users. The tool reports on the predictability and entropy of the cookie and whether critical information, such as user name and password, are included in the cookie values.
Hacme Books™
For download http://www.foundstone.com/resources/...hacmebooks.zipThe Hacme Books application simulates a ‘real-world’ eCommerce bookstore and was built with known and common vulnerabilities to teach application developers, programmers, architects and security professionals how to create secure Java software. Leveraging this new tool, software developers and architects can examine real exploits against Java applications and learn from the offending code in order to better understand vulnerabilities and how to repair them.
For having a information about foundstone's other tools.
http://www.foundstone.com/resources/freetools.htm
Thanks
Reply With Quote