[ad] Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits. Unfortunately, this manual vulnerability search is a very tiresome and error-prone task. Pixy is a Java program that […]
Exploits/Vulnerabilities
Vista Security Claims Debunked – Figures Skewed
[ad] Ah more news about the insecurity of Vista and something we are all pretty aware of…the skewing of figures by Microsoft. Microsoft apparently still hasn’t learned that counting vulnerabilities doesn’t establish some kind of ‘security level’. You can read the report here: Vista 6 Month Vuln Report [PDF] The Microsoft “researcher” claims that Windows […]
Inguma – Penetration Testing Toolkit
[ad] Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits for many products. Inguma the word is the name of a Basque’s mythological spirit who kills people while sleeping and, also, the […]
Learn to use Metasploit – Tutorials, Docs & Videos
Metasploit is a great tool, but it’s not the easiest to use and some people get completely lost when trying to get the most out of it. To help you guys out here is a bunch of links, videos, tutorials and documents to get you up to speed. You can start with this, a good […]
Intel Core 2 Duo Vulnerabilities Serious say Theo de Raadt
[ad] The scariest type of all, hardware vulnerabilities. Security guru and creator of OpenBSD Theo de Raadt recently announced he had found some fairly serious bugs in the hardware architecture of Intel Core 2 Duo processors. He goes as far as saying avoid buying a C2D processor until these problems are fixed. A prominent software […]