Guys,
I am thinking whether I can get a sample code or maybe a
framework that
demonstrate the following:
- Authenticate user
- How to move around between pages securely
- Idle period (automatic log off), etc
I am also looking for a baseline that describes the minimum
or the
standard requirement for critical web application e.g.
Internet Banking.
For instance I noticed that in most of the internet banking,
the user is
required to enter the password by clicking the button in the
sites, I
guess the reason to do such thing is to prevent key logger
attack.
Does anyone know where I can get such things?
Thanks,
GG
------------------------------------------------------------
-------------
Sponsored by: Watchfire
AppScan 6.5 is now available! New features for Web Services
Testing,
Advanced Automated Capabilities for Penetration Testers, PCI
Compliance
Reporting, Token Analysis, Authentication testing, Automated
JavaScript
execution and much more.
Download a Free Trial of AppScan today!
https://www.watchfire.com/securearea/app
scancamp.aspx?id=70150000000CYkc
------------------------------------------------------------
-------------
|