[ad] It’s not a big deal but it does show a problem with the way Facebook deals with data and how much power they have over people’s privacy. A small slip in coding could cause much worse problems that this, plus this could have happened before but no one picked up on it. It takes […]
web-application-security
Pantera – Web Application Analysis Engine
[ad] Pantera is actually using an improved version of SPIKE Proxy and is a project under the umbrella of OWASP. It’s aiming to be a more automated method for testing Web Application Security. Features User-friendly custom web GUI. (CSS): Pantera itself is a web application that runs inside the browser and can be customized using […]
ratproxy – Passive Web Application Security Audit Tool
Ratproxy is a semi-automated, largely passive web application security audit tool. It is meant to complement active crawlers and manual proxies more commonly used for this task, and is optimized specifically for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic […]
Sipflanker – Locate SIP (VoIP) Device Web Interfaces
[ad] SIP devices are getting to be very common now, especially with open source bundled OS offerings like Trixbox making it easy to setup your own digital or IP-PBX. Along with the frequent installations, many (if not most) VoIP devices have available a Web GUI for their configuration, management, and report generation. These Web GUIs […]
sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL
[ad] We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features. Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide […]