[ad] Yokoso! is a project focused on creating fingerprinting code that is deliverable through some form of client attack. This can be used during penetration tests that combine network and web applications. One of the most common questions we hear is “so what can you do with XSS?” and we hope that Yokoso! answers that […]
cross-site-scripting
Acunetix Web Vulnerability Scanner (WVS) 6.5 Released
[ad] You may remember a while back we did a Review of Acunetix Web Vulnerability Scanner 6 – the very full featured web vulnerability scanning software. Well the latest version has been released recently with some updates, bug fixes and improvements on the web application security front. I’m hoping to try out the AcuSensor on […]
Amazon Disputes Hacker Claims of Ranking Manipulation
[ad] A while back it was all over the blogs and Twitter that Amazon had somehow demoted Gay and Lesbian themed books to keep them from showing up in searches. There was outrage from all the civil rights folks especially in the LBGT camp (rightfully so if it was true). After that the rumour started […]
Twitter Battered By Powerful Worm Attacks
[ad] We’ve written about Twitter quite a few times now, with it’s click-jacking vulnerability, twitter phishing attacks and various other issues. It’s no surprise it’s being targeted though as it’s now the 3rd biggest social network after Facebook and Myspace. Within a relatively short time period it’s overtaken almost everyone else. This weekend it suffered […]
ProxyStrike v2.1 Released – Active Web Application Proxy Tool
[ad] In April last year we wrote about ProxyStrike, recently the developer has released a couple of new versions – the latest being v2.1. ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems we faced in the pentests of web […]