Collaborate Disseminate
As Wikipedia defines:
White-box testing is a method of software testing that tests internal structures or workings of an application, as opposed to its functionality (i.e. black-box testing).
When the code is a target of its own, this i… Continue reading Are peripheral issues and systems normally considered in a white box penetration testing scope?
I googled around this topic but nothing is available but some tools such as sonarqube, checkmarx, appscan source and etc.
can anyone help me by tutorials, books, articles or anything about it??
thanks.
Continue reading Is there any web application white box penetration testing course?
Background: I want to use white-box cryptographic to hiding the keys stored in the client application.
I am looking for existing implementations of white-box cryptography, such as AES 128 or 256. But I found that almost all … Continue reading Ways to make white-box cryptography AES implementation more difficult to be broken [migrated]
I need to perform white box testing of android as well as server code.Please let us know which is the best plugin to find vulnerability in the code.
Thanks!
I need to write PHP code in an application in which I have access to the code, because it is a white box.
However, I noticed that they use the following function:
function stripbadchars($str_chain){
$bad_chars = array(“… Continue reading How to bypass the following PHP function
In the near future I have to check the source code of a web application on security vulnerabilities. The web application mainly consists of PHP files and contains more than 300 files.
Do you know programs that can help me wit… Continue reading Source Code analysis tools available? [on hold]
I’m working for an ecommerce website written in C#.net (no CMS used, quite a lot of code) where security hasn’t been a priority for a long time. My mission right now is to find and fix any XSS breaches. There is a lot of non-… Continue reading Secure big, old ecommerce website from XSS?