Author Topic: [n00b] Planning for GWAPT - Request for Help  (Read 5531 times)
maanav
« on: September 20, 2010, 09:16:10 AM »

Dear Members

I am a new member. I have been following this site for many days. An inspiring site. Thank you all for such a wonderful repository! I'll try my level best to contribute.

I have a request to make. I am an ISMS Implementer, wanting to make a foray into web application security. I have thought of preparing for GWAPT. Buying SANS courses is out of scope, so I have prepared a small plan. I would request all the members to have a look at it and help me to improve upon it. BTW, feel free to use it if it helps.

Thank you all
Maanav
ajohnson
aka dynamik
« Reply #1 on: September 20, 2010, 09:39:04 AM »

Creating a new account on a hacking site and uploading an office doc is pretty suspect dude :o

(VirusTotal came back with nothing, so I just threw it into Google docs [hopefully no XSS], but open at your own risk...)

Gray Hat Python is going to be overkill and over your head if you're new to Python. Start with O'Reilly's Learning Python.

The OWASP guide is another great resource: http://www.owasp.org/index.php/Category:OWASP_Testing_Project

The Web App Hackers Handbook is a fairly comprehensive read. I'd go through that before diving into so many other similar books. For example, the Hacking Exposed: Web Apps book is rather out-dated.

You also get two practice exams when you sign up for a challenge, so you can use those to determine your weak areas and then research those.

WIP: GCFA | www.infosiege.net | @infosiege

The day you stop learning is the day you start becoming obsolete.
maanav
« Reply #2 on: September 20, 2010, 12:54:55 PM »

Hi Dynamik

Sorry for the goof-up! It was not till I read your reply that I understood the mistake I made by that upload. I'll keep it in mind. Thank you again :)

Initially, when I started out (that was around a month back), I had this (silly!) idea of solving this how-to-solve-GWAPT-problem not only for me but for all the people out there. Now I understand one thing, that I have to attack this thing and learn as I go forward.

Thank you. I hope to contribute to this site someday the way you people are doing ... till then, please keep it up!

Regards
Maanav
sil
« Reply #3 on: September 20, 2010, 03:27:05 PM »

> Creating a new account on a hacking site and uploading an office doc is pretty suspect dude :o

I wouldn't worry about it much. Cursors are supposed to move on their own. And those connections to APNIC, figment of your imagination.
MaXe
« Reply #4 on: September 20, 2010, 03:41:05 PM »

>> Creating a new account on a hacking site and uploading an office doc is pretty suspect dude :o
>
> I wouldn't worry about it much. Cursors are supposed to move on their own. And those connections to APNIC, figment of your imagination.

It even said, download this DLL file from www.cn28321hdsfe.za and of course I did place it in the same directory as the Excel file as mentioned ;)

I'm an InterN0T'er
sil
« Reply #5 on: September 20, 2010, 04:03:00 PM »

> It even said, download this DLL file from www.cn28321hdsfe.za and of course I did place it in the same directory as the excel file as mentioned ;)

Come on... How could you not trust a domain name like cn28321hdsfe.za?