A pretty cool tool was released a while back called w3af (Web Application Attack and Audit Framework), a fully automated auditing and exploiting framework for the web. This framework has been in development for almost a year and has the following features: Audit: SQL injection detection, XSS detection, SSI detection, Local file […]
Search Results for: xss
PDF & Image Attachment Spam – The New Problem with E-mail
The spam landscape has changed quite a lot in the last year or so with image spam, and now the latest tactic is PDF and .zip attachments. PDFs are of course preferred by spammers, as you don’t need to extract anything to view their spam, you just open it in your favourite PDF viewer […]
Sandcat by Syhunt – Web Server & Application Vulnerability Scanner
Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. This is […]
Apparently 8/10 High Traffic or ‘Big’ Websites are Vulnerable
It seems after a brief scan that about 80% of sites contain common flaws that allow them to be compromised in some way, most often to create phishing sites, steal data and hijack info about clients. An amazing 30% contain a serious vulnerability. Eight out of ten Web sites contain common flaws that can […]
JBroFuzz 0.5 from OWASP – Stateless Network Protocol Fuzzer
OWASP JBroFuzz is a stateless network protocol fuzzer that emerged from the needs of penetration testing. Written in Java, it allows for the identification of certain classes of security vulnerabilities, by means of creating malformed data and having the network protocol in question consume the data. The purpose of this application is to provide […]