Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×
Security

Submission + - How Red Teams Hack Your Site to Save It->

Nerval's Lobster writes: "The use of a Red Team and penetration testing can strengthen an organization’s security posture. But how does a Red Team member actually think like an attacker, and use that mindset to exploit security vulnerabilities?

Gillis Jones works for WhiteHat Security, where his job rests within the TRC (Threat Research Center). It’s here that he performs hands-on site assessments, which involve manually confirming all the issues reported by an automatic scan of a particular Website or application. His job includes checking the application’s POST and GET requests for reflection of any inputs. He also checks for Cross-Site Scripting (XSS), which includes stored, reflected, and DOM XSS vulnerabilities. His aim is to build a mental map of a Website and its applications, so he knows “where to hit, where important functionality is, stuff like that.” Information leakage, XSS and SQLi are also common problems."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

How Red Teams Hack Your Site to Save It

Comments Filter:

The value of a program is proportional to the weight of its output.

Working...