- Web Penetration Testing with Kali Linux(Third Edition)
- Gilberto Najera Gutierrez Juned Ahmed Ansari
- 150字
- 2021-06-24 18:44:50
Status meeting and reports
Communication is key for a successful penetration test. Regular meetings should be scheduled between the testing team and the client organization and routine status reports issued by the testing team. The testing team should present how far they have reached and what vulnerabilities have been found up to that point. The client organization should also confirm whether their detection systems have triggered any alerts resulting from the penetration attempt. If a web server is being tested and a WAF was deployed, it should have logged and blocked attack attempts. As a best practice, the testing team should also document the time when the test was conducted. This will help the security team in correlating the logs with the penetration tests.
WAFs work by analyzing the HTTP/HTTPS traffic between clients and servers, and they are capable of detecting and blocking the most common attacks on web applications.
推薦閱讀
- Linux運(yùn)維之道(第3版)
- 鴻蒙生態(tài):開(kāi)啟萬(wàn)物互聯(lián)的智慧新時(shí)代
- Linux網(wǎng)絡(luò)操作系統(tǒng)與實(shí)訓(xùn)(第三版)
- 精通Linux內(nèi)核開(kāi)發(fā)
- SharePoint 2013 WCM Advanced Cookbook
- Extending Bootstrap
- 嵌入式操作系統(tǒng)(Linux篇)(微課版)
- Linux命令行大全(第2版)
- Linux系統(tǒng)最佳實(shí)踐工具:命令行技術(shù)
- Windows 7實(shí)戰(zhàn)從入門(mén)到精通
- Building Telephony Systems With Asterisk
- Linux從入門(mén)到精通(視頻教學(xué)版)
- Android應(yīng)用性能優(yōu)化最佳實(shí)踐
- Java EE 7 Developer Handbook
- 鴻蒙HarmonyOS應(yīng)用開(kāi)發(fā)從入門(mén)到精通