sqlninja 0.2.2 Released – SQL Injection Tool

Tuesday, April 15th, 2008

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.  Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to ...

How to keep your password hidden in plain sight

Friday, April 11th, 2008

When all of your users have decided to keep their passwords written down on sticky notes, on their hands and under their keyboards how do you protect them from themselves?  You could go ahead and rip off each of their finger nails (ouch) until they promise to never write it ...

Anti Keylogger Shield – protect against keyloggers

Thursday, April 10th, 2008

Anti Keylogger Shield is a powerful, easy to use anti-spy software tool that prohibits operation of any keylogger, either know or unknown, professional or custom made. Once installed, Anti Keylogger Shield will run silently in your System Tray, block the system mechanisms that are exploited by keyloggers, and protect your ...

Microsoft Details Internet Explorer 8 Security

Wednesday, April 9th, 2008

At the RSA Security Conference I caught up with Austin Wilson, Microsoft 's Director of Windows Product Management and learned a few tidbits about security enhancements coming in Internet Explorer 8. IE8 will address three specific areas where security can be a problem: social engineering, traditional browser vulnerabilities, and attacks ...

Wfuzz v1.4 Released for Download – Bruteforcing & Fuzzing Web Applications

Wednesday, April 9th, 2008

A new version of Wfuzz is available, many improvements and fixes since first release which was in the middle of 2007. Fuzzing is definitely in, an article was posted recently about how everyone should keep on fuzzing! Will post it up soon. Wfuzz is a tool designed for bruteforcing Web Applications, ...