3

Is there a audit system that can help me try my strings? Such as user agents, post/get data, a simple way to test general sql injections to see how my rule sets hold?

I know with fire fox I can change my user agent but what about trying post and get type attacks?

1 Answers1

3

You should test your code in a real world scenario with a web application scanner like skipfish. You could also try manually exploiting Damn Vulnerable Web App.

Tamperdata can be used to build and modify requests. Or just plain old html.

rook
  • 46,916
  • 10
  • 92
  • 181