Monday, June 9th, 2008 Here is a list of new security tools that were released in the past week.SQL Ninja 0.2.3 - SQL server injection and takeover tool
fgdump 2.1.0 - Tool for mass password auditing of windows systems
AxBan 1.0.0.4 - ActiveX killbit program
Nmap 4.65 - Network port scanner
Nessus 3.2.1 - Vulnerability assessment tool
Immunity Debugger ...
Posted in Coding, General BS, Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Wednesday, June 4th, 2008 Recently Arshan Dabirsiaghi, Director of Research of Aspect Security, published a white paper entitled “Bypassing URL Authentication and Authorization with HTTP Verb Tampering”. Initially there was a lot of confusion about what exactly was being explained or claimed. Including, is it real? Is it novel? Is it dangerous? What is ...
Posted in Coding, Internet, Privacy, Security | No Comments
Tuesday, June 3rd, 2008 Most malware tends to store stolen credentials and information in make-shift text files, which are then forwarded to the author via email or another protocol. However, the use of scalable and robust solutions is becoming more popular in the malware community. In fact, it is becoming increasingly popular for malware ...
Posted in Coding, Internet, Privacy, Security | No Comments
Sunday, June 1st, 2008 XSS (Cross-Site Scripting) Very Much Alive and KickingWe were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the ...
Posted in Coding, Internet, Security | No Comments
Friday, May 30th, 2008 We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features.Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal ...
Posted in Coding, Internet, Privacy, Security | 1 Comment
