Resources for the Software Security Course
OWASP
- Web site of the Open Web Application Security Project: owasp.org
- OWASP Top 10 (Version 2013)
- OWASP Guide (freely downloadable): for building secure Web applications and Web services
Tools
- OWASP Zed Attack Proxy (ZAP): the open source HTTP proxy that can be used for testing and spidering web sites.
- Burp Intruder
- sqlmap (for exploiting SQL injection)
- Nikto: a web server scanner
- httprint: determines the server name by fingerprinting it
- Jad or JODE: two tools for decompiling Java code (applets, for instance)
- flasm: a tool for disassembling Flash bytecode
- WhatWeb: Linux tool for fingerprinting web sites and web applications.
Contact
Prof. Dr. Emmanuel Benoist
Berner Fachhochschule - TI
Quellgasse 21
CH-2501 Biel/Bienne
Switzerland
Mail: emmanuel.benoist (at) bfh.ch