BobCat is a tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It is based on a tool named “Data Thief” that was published as a PoC by appsecinc. BobCat can list the linked servers, database schema, and allow the retrieval of data from any table that the current application user […]
darknet
Tracking Users Via the Browser Cache
An interesting new twist on things: rather than using cookies to store information, you can use perpetually cached files. So clearing your cache and cookies isn’t enough. Could be a privacy issue, you say? Indeed it could. Clearing cookies may not be enough as you may think. Your browser’s cache is a valuable store of […]
Odysseus Proxy for MITM Attacks Testing Security of Web Applications.
Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Odysseus will intercept an HTTP session’s data in either direction and give the user the ability to alter the data before transmission. For example, […]
Facebook Privacy Fears
Ah Facebook again, security problems again? Not this time, but privacy fears with the new stalker-esque features for tracking changes to people’s pages. Millions of people have flocked to social networking sites to post information about themselves and share it with friends. Now Facebook, one of the most popular, is facing a user backlash over […]
Inprotect 0.22.5 Released – Web Interface for Nessus & Nmap
A new revision of Inprotect, 0.22.5, has just been released in order to fix bugs and implement feature requests submitted by the development team and users. Existing users are recommended to upgrade. Inprotect is a web interface for the Nessus and Nmap security scanners, released under the GNU/GPL license. This version has the following enhancements: Improved and […]