Looking for a good web penetration testing client
-
I'm implementing mod_security on an apache server. In order to test the effectiveness of the protection, I am looking for a client that can generate a set of predefined malicious HTTP requests. I will test the requests with and without mod_security enabled and based on the logs see what percentage of malicious requests has been blocked. Do you know any good tools to generate a set of predefined malicious HTTP requests?
-
Answer:
There are several free/open source options out there. A close friend of mine who's a Web applications pen tester uses none of these (with exception to Nessus, but only the Professional Feed) as their toolset is quite a bit more sophisticated and contains many unpublished zero day exploits. However, they're very expensive and require certain certifications/qualifications to purchase. While these tools may not be on the bleeding edge as far as pure, zero-day vulnerability scanning goes, there's still a lot of older, well-known vulnerabilities that are exploited daily, so this will certainly give you a pretty good idea of what's potentially vulnerable on your system, exploit or not (i.e. finding unscrubbed parameters, any misconfigurations, etc.).

- http://www.tenable.com/products/nessus (the Professional Feed is > $1000/yr, but the free version still has quite a few vulnerabilities)
- http://www.metasploit.com/
- http://wapiti.sourceforge.net/
- http://cirt.net/nikto2
- http://code.google.com/p/skipfish/

Couple of things that you may not be aware of:

Full scans can take days, sometimes weeks, to complete, depending on the size of the site, the network (see below), and the breadth/depth of scan rules. Plan accordingly. Some of the scanners have throttling features, but because of the sheer volume of requests, it's better to:

a) test your Web application on a fast network (LAN);
b) obviously this Web application shouldn't be in production, and if so, I'd be running it with a test data set;
c) have plenty of resources for logging (or disable it altogether).

You may also want to periodically check http://www.exploit-db.com/ for known exploits out there; I do a periodic search for any open source Web applications I'm hosting and disable or patch as required (I'm looking at you http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=joomla&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=).
user64204 at Server Fault
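The measurement the question describes (replay a fixed set of requests against a lab server with and without mod_security, then read the block rate off the logs) is small enough to script without any of the scanners above. The following harness is an added example, not code from the question, the answer or any of the listed projects. It assumes a test host you control (default `http://127.0.0.1:8080`, overridable on the command line), that mod_security is configured to deny with HTTP 403, and that Apache writes the default `combined` access log format; the test corpus and the sample log lines are constructed for illustration.

```python
"""Replay a fixed request corpus against a lab web server and report how many
requests a WAF (here: mod_security answering 403) blocked, per category.

Added example for the Server Fault question above; not the page's own code.
Assumptions: target is a host you control, denial = HTTP 403, Apache
'combined' log format. Run twice (rules off / rules on) and compare."""
import re
import sys
import urllib.error
import urllib.parse
import urllib.request
from collections import defaultdict

# Constructed corpus. "malicious" cases carry textbook signature strings that
# a default OWASP Core Rule Set install is expected to match; "benign" cases
# are a control group so false positives show up in the same run.
TEST_CASES = [
    ("benign", "/", {}),
    ("benign", "/search", {"q": "apache mod_security tuning"}),
    ("benign", "/item", {"id": "42"}),
    ("malicious", "/item", {"id": "1' OR '1'='1"}),
    ("malicious", "/search", {"q": "<script>alert(1)</script>"}),
    ("malicious", "/download", {"file": "../../../../etc/passwd"}),
]

# Constructed Apache 'combined' lines, as the lab server might log the run.
SAMPLE_ACCESS_LOG = [
    '127.0.0.1 - - [12/Mar/2012:10:00:01 +0000] "GET / HTTP/1.1" 200 612 "-" "waf-check/0.1"',
    '127.0.0.1 - - [12/Mar/2012:10:00:02 +0000] "GET /item?id=42 HTTP/1.1" 200 1421 "-" "waf-check/0.1"',
    '127.0.0.1 - - [12/Mar/2012:10:00:03 +0000] "GET /item?id=1%27+OR+%271%27%3D%271 HTTP/1.1" 403 199 "-" "waf-check/0.1"',
    '127.0.0.1 - - [12/Mar/2012:10:00:04 +0000] "GET /download?file=..%2F..%2Fetc%2Fpasswd HTTP/1.1" 403 199 "-" "waf-check/0.1"',
    'garbage line that does not parse',
]


def build_url(base, path, params):
    """Join base URL, path and query string; urlencode keeps the raw
    payload in the parameter value so the WAF sees what a browser would send."""
    url = base.rstrip("/") + path
    if params:
        url += "?" + urllib.parse.urlencode(params)
    return url


def send_case(base, path, params, timeout=5):
    """Return the HTTP status the server answered with. urllib raises on
    4xx/5xx, so a 403 from mod_security arrives as HTTPError; a dropped
    connection or timeout is reported as status 0 so it is never counted
    as a block."""
    req = urllib.request.Request(build_url(base, path, params),
                                 headers={"User-Agent": "waf-check/0.1"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code
    except (urllib.error.URLError, OSError):
        return 0


def is_blocked(status):
    # Assumption: SecDefaultAction denies with status 403.
    return status == 403


def summarize(results):
    """results: iterable of (label, status). Returns per-label counts and
    the blocked percentage, so the two runs can be compared side by side."""
    totals = defaultdict(lambda: {"sent": 0, "blocked": 0})
    for label, status in results:
        totals[label]["sent"] += 1
        if is_blocked(status):
            totals[label]["blocked"] += 1
    for stats in totals.values():
        stats["blocked_pct"] = (100.0 * stats["blocked"] / stats["sent"]
                                if stats["sent"] else 0.0)
    return dict(totals)


# Leading fields of the 'combined' format up to the status code.
ACCESS_LOG_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" (?P<status>\d{3}) \S+')


def block_rate_from_access_log(lines):
    """Server-side view of the same run: count 403s in access log lines,
    skipping anything that is not a well-formed combined-format record."""
    sent = blocked = 0
    for line in lines:
        match = ACCESS_LOG_RE.match(line)
        if not match:
            continue
        sent += 1
        if is_blocked(int(match.group("status"))):
            blocked += 1
    return {"sent": sent, "blocked": blocked,
            "blocked_pct": 100.0 * blocked / sent if sent else 0.0}


def run(base):
    results = [(label, send_case(base, path, params))
               for label, path, params in TEST_CASES]
    for label, stats in summarize(results).items():
        print(f"{label:10s} sent={stats['sent']} blocked={stats['blocked']}"
              f" ({stats['blocked_pct']:.0f}%)")


if __name__ == "__main__":
    run(sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:8080")
```

Run it once with the rules disabled (everything should come back 200, including the malicious cases) and once with them enabled; the gap between the two `malicious` block percentages is the effectiveness figure the question asks for, and any non-zero `benign` block percentage is the false-positive cost of the rule set. `block_rate_from_access_log` gives the same number from the server's own log, which is useful when the client cannot distinguish a WAF 403 from an application 403.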