Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be lightweight, easy to use and full of vulnerabilities to exploit. It is used to learn or teach the art of web application security. Vulnerabilities: SQL Injection, XSS (Cross Site Scripting), LFI (Local File Inclusion), RFI (Remote […]
Search Results for: xss
Twitter Hack Spreads P*rn Trojan
I had a spam tweet appear in my stream a while back and like Guy Kawasaki I also had absolutely no idea where it came from. Perhaps some kinda XSS flaw in Twitter when I visited a site that spawned the message (in a hidden iframe perhaps). It wouldn’t be the first time Twitter […]
FBController – The Ultimate Utility to Control Facebook Accounts
Just to put a downer on all the script kiddies, this utility WILL NOT hack/crack Facebook passwords or accounts. You need to feed it biscuits (cookies) before you can do anything. You can get the target’s cookie by sniffing, XSS, social engineering, ARP Poison-Sniffing, Scroogle search or however you like. Once you have the cookies […]
Amazon Disputes Hacker Claims of Ranking Manipulation
A while back it was all over the blogs and Twitter that Amazon had somehow demoted Gay and Lesbian themed books to keep them from showing up in searches. There was outrage from all the civil rights folks, especially in the LGBT camp (rightfully so if it was true). After that the rumour started […]
Twitter Battered By Powerful Worm Attacks
We’ve written about Twitter quite a few times now, with its click-jacking vulnerability, Twitter phishing attacks and various other issues. It’s no surprise it’s being targeted though, as it’s now the 3rd biggest social network after Facebook and Myspace. Within a relatively short time period it’s overtaken almost everyone else. This weekend it suffered […]