Skip to main content

Security Testing Sessions Meet - 17th June - Video Recordings

Hello Everyone,

In the first session on 'Security Testing', we had a discussion about following topics:

1. Web Security Testing
2. HTTP Protocol
3. Session ID & Cookies
4. OWASP
5. Live HTTP Header (Firefox Addon)

We covered the basics of Web technology and discussed about how the web technology works as such. In the subsequent session, we shall concentrate on specific threats.



Some of the attendees requested me to provide the url details of OWASP Top 10 document and other tools. I have provided them below for your reference:

1. OWASP Top 10 document
2. OWASP WebScarab
3. OWASP ZAP Proxy
4. OWASP Testing Guide

You can find the video link of the session here.

Please let me know if you require any further details.

Thanks,
V.Vasanth

Comments

  1. Hi,

    Thanks for sharing!

    Does the video have audio also? I can't hear any speech, but volume should be ok.

    Have a great week!


    Best regards,
    Jari

    ReplyDelete
  2. The sound is ok for me for the video shared above.

    ReplyDelete
  3. Hi Jari,

    Video contains Audio as well. Please check your speakers...

    ReplyDelete
  4. Not able to listen to Audio, tried it on multiple machines.

    ReplyDelete

Post a Comment

No spam only genuine comments :)

Popular posts from this blog

Distributed Load Testing with JMeter

Distributed Testing with JMeter When one JMeter client is not able to offer amount of threads required for load testing then distributed testing is used. In distributed testing - One instance of JMeter client can control number of JMeter instances and collect data from them Test plan does not need to be copied to each server, the client sends it to all servers note - JMeter will run all the threads on all the servers, hence 100 threads on 5 JMeter server would pump 500 threads in total. If many server instances are used, the client JMeter can become overloaded and so the client network connection. This has been improved in latest versions of JMeter by switching to Stripped modes, but you should always check that your client is not overloaded When Client (master) and Server (slave) nodes are on same network (no SSH required) Configure Client Node Herein client is referred as the machine controlling test execution on other JMeter nodes. This is also referred

Using chrome console to test xPath and css selectors

Since the advent of selenium there have been many plugin to test xPath / css selectors but you don’t need any of them if you have chrome browser. Using Chrome console you can test both xPath and css selectors. Launch website to be tested in chrome browser and hit F-12 and you would see chrome console opened in lower pane of application - Hit escape key and console would open another pane to write element locators - And now you can start writing xPath or css selectors in chrome console and test them - The syntax for writing css id - $$(“ ”) And hit the enter key. If your expression is right then html snippet of the application element corresponding to the css selector would be displayed - If you mouse over the html snippet in chrome console then it would highlight the corresponding element in application - If you want to clean console of previously written element selectors then just hit ctrl+L keys and chrome console would be empty again. Pro

XPath and single quotes

I had tough time dealing with XPath and single quote. Though W3C recommends using ' to escape it but I never got it working, let me know if any of you get through. Came across this blog and found that “concat” could be used in this situation. So original XPath expression is – //meta[@name=’DESCRIPTION’][@content=’Tester’s Test’] This is some thing which certainly fails as single quote in “Tester’s” marks it at end of string and then XPath blows up, next trial was – //meta[@name=’DESCRIPTION’][@content=’Tester''s Test’] This does not work despite w3c recommendation! And then I used concat function and split the string as – concat(‘Tester’,”’”,’s Test’) NOTICE that single quote is kept in double quote while other characters are kept in single quotes. So XPath looks as – //meta[@name=’DESCRIPTION’][@content=concat(‘Tester’,”’”,’s Test’)] And this works charm.