Reason7194 wrote:Just on a side note here, I remember reading a mods comment about if the hts users should pin test a free-hosting website. They said it could bring up legal issues.
And as for finding holes in their website, it's more of using your own knowledge on how to manipulate the syntax of what the pin tester is testing.
iistapp wrote:So where would I get an intercepting proxy for background use to log all traffic as suggested? Is this a simple google and two click download, or does it take quite some skill to set this up?
iistapp wrote:Also, what would you suggest to learn to know and see what can be attacked?
iistapp wrote:If I were to do a walk through of HTS to find vulnerabilities, where would you suggest me to start? And how would you suggest me to start off? Would it be the same way for every page, or does it depend on what programming language is used on the page or what?
iistapp wrote:Loads of questions, I apologise for that, but I feel like you guys are honest people and can aid me with the best answers on topics like this
OhMythelees wrote:Hi all,
Another n00b to add to the list...
iistapp wrote:Setting up a webserver, does that cost me money or is this free? I think I'll have to start off by doing that and try to get my own website up and then do a penetration test on it, with help from one of the intercepting proxy's mentioned
Then just do some testing by my self to try to understand this whole thing better, as I seem to understand it in theory but not in practice.
By the way, would it be illegal to pen-test my own webpage?
Assassian360 wrote:You could either setup a locally hosted server on your own machine (there are a variety of different free programs available that allow you to do this), or you could find a free web host and dump your things on there. And it is not illegal to pen-test your own webpage.
Users browsing this forum: No registered users and 0 guests