Cross-Site Scripting (XSS) – A Real-World Example

Saturday, June 14th, 2008

Cross-Site Scripting (XSS) is an attack that's pretty basic to detect, pretty basic in execution, and you'd think that it would be rather simple to understand. Unfortunately this is apparently not the case. I won't go into the details of Cross-Site Scripting because others have beaten that to death - ...

Safari ‘Carpet Bomb’ Attack Code Released

Wednesday, June 11th, 2008

A hacker has posted attack code that exploits critical flaws in the Safari and Internet Explorer Web browsers. The source code, along with a demo of the attack, was posted Sunday on a computer security blog. It can be used to run unauthorized software on a victim's machine, and could be ...

Nessus 3 Tutorial

Tuesday, June 10th, 2008

If you're looking for a vulnerability scanner, chances are you've come across a number of expensive commercial products and tools with long lists of features and benefits. Unfortunately, if you're in the same situation as most of us, you simply don't have the budget to implement fancy high-priced systems. You ...

New Security Tools

Monday, June 9th, 2008

Here is a list of new security tools that were released in the past week: SQL Ninja 0.2.3 - SQL server injection and takeover tool; fgdump 2.1.0 - Tool for mass password auditing of Windows systems; AxBan 1.0.0.4 - ActiveX killbit program; Nmap 4.65 - Network port scanner; Nessus 3.2.1 - Vulnerability assessment tool; Immunity Debugger ...

Access-Me 0.1

Tuesday, June 3rd, 2008

Access-Me allows users to test their web applications for authentication vulnerabilities. With this first release the user will be able to: resubmit the current page without session tokens; resubmit the current page using different HTTP verbs (HEAD/SECCOM); view reports on how the application handled the requests. Access-Me 0.1 is available ...