[ad] SQLiX, coded in Perl, is a SQL Injection scanner, able to crawl, detect SQL injection vectors, identify the back-end database and grab function call/UDF results (even execute system commands for MS-SQL). The concepts in use are different than the one used in other SQL injection scanners. SQLiX is able to find normal and blind […]
web-security
IE 7 Flaw Could Help Phishers – Error Message Processing
[ad] Ah another way for phishers and people wanting to steal login credentials to con IE7 users. Yet another reason to use Firefox or Opera? Not saying these browsers are perfect…but look at the amount of problems Internet Exploder Explorer has had. The flaw lies in the way IE7 processes a locally stored HTML error […]
Massive Security Breach Leaks Credit Card Info
[ad] Recently a fairly huge credit card breach occurred involving a large retail company called TJX, with more than 2,000 retail stores. Some pretty well known brands there, I know I’ve used some of them…the sad part is they themselves still haven’t worked out the extent of the damage done to their information. For me […]
AttackAPI 0.8 JavaScript Hacking Suite Available
[ad] AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. The standalone components of the library can be found […]
Hackers’ Project – Browser Exploit Code Hiding
[ad] Hackers are developing new software that will help hide browser attack code from some types of security software. The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software. Using these techniques, VoMM “can […]