Archive | Countermeasures




PHPIDS – Security Layer & Intrusion Detection for PHP Based Web Applications

Another protection for those building website and web applications, as it’s the the most common attack vector nowadays I think it’s important to be extra safe on this front. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, […]

Tags: , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

argus – Auditing Network Activity – Performance & Status Monitoring

Another tool for the security side, good for forensics, monitoring and auditing. Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, […]

Tags: , , , , , , ,

Posted in: Countermeasures, Forensics, Network Hacking, Security Software | Add a Comment

mod_anti_tamper – Anti Tamper Module for Apache 2.x

What Is Mod AntiTamper (AT) AntiTamper is an Apache 2.x module that could be used to prevent some sort of url and cookie tampering. Specifically, AT could stop a lot of those malicious bots that take advantage from search engines. Moreover, attack techniques like HTTP Response Splitting and session hijacking/fixation will be mitigated. Is important […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

gotroot modsecurity Rules for Apache – Anti-spam and Security

To follow on from Whitetrash which I posted about previously, here is another tool to secure your web site or web application. Essentially it’s a very comprehensive set of rules for mod_security. ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web […]

Tags: , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

Whitetrash – Dynamic Web White-listing for Squid

This is a pretty neat tool for those using Squid Cache and looking for a pro-active tool for securing web acccess in their company (or house if you have a devious sibling). The goal of Whitetrash is to provide a user-friendly and sysadmin-friendly proxy that makes it significantly harder for malware to use HTTP and […]

Tags: , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment

GFI End of Year Offer – Up to 50% Off

Just a quick note as I know many of you guys are in corporate security positions and might be looking for some of the solutions GFI offers. They are having a Q4 promotion with up to 50% off on some of their products/services. GFI MailEssentials – 25% GFI MailEssentials & GFI MailSecurity Suite – 25% […]

Tags: , , , , , ,

Posted in: Advertorial, Countermeasures, Security Software | Add a Comment

CORE GRASP – PHP Web Application Protection Software

CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations. As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license. The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, it […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Security Software, Web Hacking | Add a Comment

Common Criteria Web Application Security Scoring (CCWAPSS) Released

The purpose of the scoring scale CCWAPSS is to share a common evaluation method for web application security assessments/pentests between security auditors and final customers. This scale does not aim at replacing other evaluation standards but suggests a simple way of evaluating the security level of a web application. CCWAPSS is focused on rating the […]

Tags: , , , , , , ,

Posted in: Countermeasures, Web Hacking | Add a Comment

XSS Warning – A Security Extension/Add-on for Firefox

XSS Warning is a extension/add-on for Firefox that filters malicious values to prevent Cross Site Scripting (XSS) attacks by malicious URLs (assuming you have Javascript enabled). XSS Warning 0.1.8 beta protect from: URL attack Redirect attack Link code injection Compatible with Firefox: 1.5 – 2.0.0 You can install and read more about XSS Warning here: […]

Tags: , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment

Babel Enterprise – Cross Platform System Auditing Tool

Babel Enterprise is a systems auditing tool. Babel performs a security level check of the machine, or hardening. The check consists of a number of auditing tests that obtain a snap of the security status of each machine. The result is a security index of the system that is given after each execution. It a […]

Tags: , , , , , , , ,

Posted in: Countermeasures, Security Software | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·