[ad] I did mention this earlier in the week when I was talking about Twitter being used as a malware distribution platform, there also seems to be an auto follow vulnerability that spammers would love. Do you remember Myspace and samy with 900,000 friends? Now we have johng77536 on Twitter! Last week, TechCrunch’s Jason Kincaid […]
Search Results for: xss
HDIV – Java Web Application Security Framework
[ad] HDIV (HTTP Data Integrity Validator) is a Java Web Application Security Framework. HDIV extends web applications’ behaviour by adding Security functionalities, maintaining the API and the framework specification. This implies that we can use HDIV in applications developed in Struts 1.x, Struts 2.x, Spring MVC and JSTL in a transparent way to the programmer […]
Keep on Fuzzing! Advice
[ad] As you will have noticed we’ve posted quite a number of Fuzzing Tools built around different frameworks and in different languages..most for difference targets/purposes too. Fuzzing has definitely exploded in the last year or so as more people try and understand it and code tools to automate the process. There are tools for Web […]
ProxyStrike – Active Web Application Proxy
[ad] ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems faced in the pentests of web applications that depends heavily on Javascript, not many web scanners did it good in this stage, so ProxyStrike was born. Right now it has […]
SecurityCompass Exploit-Me – Firefox Web Application Testing Tools
[ad] Exploit-Me is a suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using a proxy like many web application testing tools, Exploit-Me integrates directly with Firefox. It currently consists of two tools, one for XSS and one for SQL Injection. The Exploit-Me […]