WebSphere Hardening

13 06 2011

Good tutorials by IBM developerWorks
Part 1: Overview and approach to security hardening
Part 2: Advanced security considerations





Web-Proxy Tools

25 03 2010

To intercept information communicating between client and server, a proxy tool is what we need. I made a glimpse on these tools.

1. Paros : simple and easy to intercept traffic and spider a target website

2. Burpsuite : I think burpsuite is better than Paros in terms of GUI. I can manipulate variables easier and that leads me to attack a website in a more convenient way.

3. Webscarab : a web proxy tool by OWASP, not much different from burpsuite, but it shows memory usage while running the program.

All of all, enumerating web content can be done with these good and especially free tools.