[ad] Oedipus is an open source web application security analysis and testing suite written in Ruby by Penetration Testers for Penetration Testers. It is capable of parsing different types of log files off-line and identifying security vulnerabilities. Using the analyzed information, Oedipus can dynamically test web sites for application and web server vulnerabilities. Oedipus can […]
network-security
Custom Trojans – Isn’t it Old News?
[ad] Well it is for me, and I guess anyone who consider themselves a career hacker, or at least has a serious interest.. As a few good trojans are open source (Back Orifice?), you can just mess around with them for a while until you reach the point they are no longer detected by any […]
SyScan’06 – The Asian Hackers’ Conference
[ad] The Symposium on Security for Asia Network aims to be a very different security conference from the rest of the security conferences that the information security community in Asia has come to be so familiar and frustrated with. SyScan’06 intends to be a non-product, non-vendor biased security conference. It is the aspiration of SyScan’06 […]
The Enemy Within The Firewall
[ad] I’ve seen similar figures from other organisations and countries, so the stats don’t surprise me. My peers and I have always called this Armadillo security, hard on the outside, soft on the inside. Firewall, IDS, etc…all protecting the exterior of the network, only edge devices, nothing inside, not much policies, not much privilege segregation, […]
Ohio University Compromised for Over a Year!
[ad] A year? A whole year? A few days I can take, but surely if an Admin doesn’t know what’s going with his machines for a year….compromised for a year, there is something wrong. An unprecedented string of electronic intrusions has prompted Ohio University to place at least one technician on paid administrative leave and […]