shampoo: security

Sort by: Date / Title / URL

  1. Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
  2. Browserscope is a community-driven project for profiling web browsers. The goals are to foster innovation by tracking browser functionality and to be a resource for web developers.
  3. 02-07-2010 to , , and -1 others
  4. 24-06-2010 to , , and -1 others
  5. JavaScript Blacklist is a simple extension for Safari 5 which blacklists scripts from a configurable list of domains. If a common "utility" script used by sites that you visit is annoying you, this will let you opt out quickly and easily.
  6. Anhand von Metasploit und dem Gnu Debugger gdb zeigt Paul Harrington, wie er unter Mac OS X einem Buffer Overflow in der Webcam-Server-Software Evocam auf die Schliche kommt und einen Exploit zum Einschleusen von Code entwickelt. Dabei zeigt er wie man den Code anpasst, um die richtigen Register und Teile des Speichers zu überschreiben. Harrington zeigt auch, wie man trotz Apples Library-Randomisation-Schutz vor Angriffen Systemfunktionen aufrufen kann
    13-06-2010 to , , , and -1 others
  7. Online security check for outdated browser plug-ins
    01-06-2010 to , , , and -1 others
  8. Yesterday, I received a post in the Pen-Test mailing list requesting for tips/resources on penetration testing of flash applications.  While there are some tools and white papers available, I could not find many authoritative resources which wraps the entire spectrum of flash security testing of RIA applications.  So here is an endeavor to detail out the steps of testing.  I will keep this post only to outline the essential steps or points.  Please feel free to recommend additional inclusion of tools and techniques.  The idea is to come up with a comprehensive paper which can be used by pen-testers to test flash based Rich Internet Applications (RIA).
  9. Chris Evans on using HTML forms to create cross-domain XML payloads. Some restrictions apply.
  10. sleuthkit.org is the official web site for The Sleuth Kit and Autopsy Browser. Both are open source digital investigation tools (a.k.a. digital forensic tools) that run on Windows and Unix systems (such as Linux, OS X, Cygwin, FreeBSD, OpenBSD, and Solaris). They can be used to analyze NTFS, FAT, Ext2, Ext3, UFS1, and UFS2 file systems and several volume system types.
    28-12-2009 to , , and -1 others

First / Previous / Next / Last / Page 1 of 12