SQL Server fingerprinting can be a time consuming process. It involves a lot many trial and error methods to fingerprint the exact SQL Server version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for a certain server are two of the ways to possibly fingerprint […]
Adobe PDF Reader Rewrite To Include Sandbox Feature
A lot of people have complained about the lack of security in Adobe PDF related products and the fact that the very architecture is insecure. There have been a whole spate of PDF related exploits and vulnerabilities lately – some of them being very serious. It’s good to see Adobe is taking this matter seriously […]
OWASP ZAP – Zed Attack Proxy – Web Application Penetration Testing
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who a new to penetration testing. ZAP provides automated scanners […]
Symantec Expands Security Products To Cover Android & iOS
Most of the big companies in the modern age of business are moving to the acquisition model rather than developing new technologies, Symantec has made a few purchases in recent years. Their latest move is to offer security for the hot smartphone platforms Android and iOS, which powers the new iPhone 4 and iPad. The […]
THC-Hydra 5.8 Released – Extremely Fast Multi-Threaded Login/Password Cracker
The number one biggest security hole is passwords, as every password security study shows. Hydra is a parallelized (multi-threaded) login cracker which supports attacking/cracking numerous protocols. New modules are easy to add, beside that, it is flexible and very fast. We haven’t mentioned Hydra since way back in 2007 – THC-Hydra – The Fast and […]