[ad] CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations. As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license. The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, […]
PHP
login (security through obscurity) – weird PHP script
[ad] This was the idea with which I have won the regional web apps contest… well actually I did a CMS but the security part of it was the most appreciated. Maybe because it was weird, you’ll see… Classical Login scripts What exactly do classical login scripts do… they get the password from the database […]
FIS [File Inclusion Scanner] v0.1 – PHP Vulnerability
A useful tool for anyone working with PHP applications. DESCRIPTION ———— FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. Is scans PHP files mapping PHP/HTTP variables and then performs a security audit,in order to find out which of them are exploitable. USAGE —— php fis.php [local file] [remote file] [remote FIS ID […]
Who is Haydies? Me my self and quite possibly some one else.
Shaolin introduced him self, and said he had asked every one to do like wise. News to me mate :-P or did that slip my mind? Can’t see how it could but one never knows… So, any way, who the hell am I? I have known Shaolin for years, he might have some idea how […]