To answer this , some this your need to check in web site
1)Cross site scripting
6)Blocking of unused ports of Webserver
7)Communication between your webserver and database server
8)Essential Security patches on your servers.
i am trying to use the webscarab tool but i do not know where to start...
my project is an online system using .NET.
is it possible to use web scarab to get the data being transferred from client to server and then change the data before it will be submitted to the server? this is to verify if there is a server validation being implemented.
what kind of setup is applicable in using web scarab? web server and web scarab in 1 machine? should this be done outside of our company network? other things that i should setup?
Read the information in the links I sent - personal messages are restricted to new members - do not use this thread to ask these questions again - you have hijacked someone else's thread which is a behavior that is considered undesirable.