Web Application Security Mode:
(Page 9 of 334)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >
Vulnerability solution 2012-11-14
mdaa uae gmail com (2 replies)
Dear All

Is there anyone can refer me to vulnerability solution tool that can scan the system which consists of applications,database and web.the solution should provide detailed information regarding all the layers in the enterprise systems.

Thank you


This list is sponsored by Cenzi

[ more ]  [ reply ]
Re: Vulnerability solution 2012-11-14
Don P (bigbert007 gmail com)
RE: Vulnerability solution 2012-11-14
Ziots, Edward (EZiots Lifespan org)
List administrivia Public Service Announcement - the more you know... 2012-11-05
Andrew van der Stock (vanderaj greebo net)
Caveat lector: My role here since taking on moderation of this list
way back in 2004 or 2005 or so is primarily to reject spam and 1 line
messages saying "thanks" or "Give me the answer to my homework /
assignment / PhD dissertation that I'm too lazy to Google".

However, the bar for submission is v

[ more ]  [ reply ]
[HITB-Announce] #HITB2013AMS Call For Papers Now Open 2012-11-05
Hafez Kamal (aphesz hackinthebox org)
The Call for Papers for the fourth annual HITBSecConf in Europe is now
open! Taking place on the 8th till 11th of April at the Okura Hotel, Amsterdam, #HITB2013AMS will be a triple track conference (with HITB Labs) and features keynotes by Eddie Schwartz, Chief Information Security Officer at RSA an

[ more ]  [ reply ]
RE: security standards 2012-11-05
Martin O'Neal (martin oneal corsaire com)

> If an organisation is looking to purchase or subscribe
> to a web application service, are there any security
> standards it can request the supplier to conform to?

The problem is one of definitions. What you're looking for is a "secure"
application, and that is all a matter of context, sema

[ more ]  [ reply ]
Penetration tests and social engineering? 2012-11-05
Pent (dawid redyk software com pl)

Hey there
I m sending free issue of PenTest Magazine, all specialists should check it
to ensure they know everything on the topic :)
It's free: http://pentestmag.com/special/socialengise.php PenTest Magazine

If anyone have any questions please feel free to ask, we can discuss on

Best Rega

[ more ]  [ reply ]
security standards 2012-11-05
Svejk It (svejkit gmail com) (2 replies)
If an organisation is looking to purchase or subscribe to a web
application service, are there any security standards it can request
the supplier to conform to? For example, it may like to have some
assurance that SQL injection is not possible. If so, are these
standards widely adopted?
Or, if t

[ more ]  [ reply ]
RE: security standards 2012-11-05
Dave Wichers (dave wichers aspectsecurity com)
Re: security standards 2012-11-05
bl4de (bloorq gmail com) (1 replies)
RE: security standards 2012-11-05
Ofer Shezaf (ofer shezaf com)
Burp Suite Free Edition v1.5 released 2012-11-02
PortSwigger support (support portswigger net)
Burp Suite Free Edition v1.5 is now available to download from

This is a significant upgrade with a wealth of new features added since
v1.4, most notably:

* Completely new user interface with numerous usability enhancements.

* Several new Proxy listener options, to deal wi

[ more ]  [ reply ]
OWASP Zed Attack Proxy: Weekly releases 2012-10-22
psiinon (psiinon gmail com)
Hi folks,

Just a quick email to let you know that we are now generating weekly
OWASP ZAP releases.
These are just intended for people who want to use all of the features
we've added since 1.4.* but dont want the hassle of building ZAP from
the source code.
While we endeavor to ensure that weekly re

[ more ]  [ reply ]
CarolinaCon-9 / 2013 - Call for Presenters/Speakers 2012-10-11
Vic Vandal (vvandal well com)
h4x0rs, InfoSec professionals, g33k girls, international spies, and script kidz,

CarolinaCon-9 will occur on March 15th-17th 2013 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions for the event.

If you are somewhat knowledgeable in any interesting field of hac

[ more ]  [ reply ]
Re: [WEB SECURITY] Bypassing WAF via HTTP Pollution 2012-10-04
Ivan Ristic (ivan ristic gmail com) (1 replies)
I guess this would be a good opportunity for me to mention my research
on the topic:

Protocol-level evasion of web application firewalls

On Wed, Oct 3, 2012 at 10:55 AM, Danux <danuxx (at) gmail (dot) com [email concealed]> wrote:
> B

[ more ]  [ reply ]
Re: [WEB SECURITY] Bypassing WAF via HTTP Pollution 2012-10-08
Robin Wood (robin digininja org) (1 replies)
Re: [WEB SECURITY] Bypassing WAF via HTTP Pollution 2012-10-08
Ivan Ristic (ivan ristic gmail com) (1 replies)
RE: [WEB SECURITY] Bypassing WAF via HTTP Pollution 2012-10-08
Dave Wichers (dave wichers aspectsecurity com) (1 replies)
Re: [WEB SECURITY] Bypassing WAF via HTTP Pollution 2012-10-08
Rcbarnett (rcbarnett gmail com)
Bypassing WAF via HTTP Pollution 2012-10-03
Danux (danuxx gmail com)
By playing CSAW CTF you always learn something new (at least myself).

Hope you enjoy it:



This list is sponsored by Cenzic
Let Us Hack You. Before Hackers Do!
It's Finally H

[ more ]  [ reply ]
winAUTOPWN v3.2 Released 2012-10-03
QUAKER DOOMER (quakerdoomer inbox lv)
Dear all,

This is to announce release of winAUTOPWN version 3.2

A complete list of all Exploits in winAUTOPWN is available inside MISC\CHANGELOG.TXT
A complete list of User Interface changes is available in MISC\UI_CHANGES.txt

BSDAUTOPWN has been compiled, like always for various flavour

[ more ]  [ reply ]
Arachni v0.4.1 has been released (Open Source Web Application Security Scanner Framework) 2012-10-03
Tasos Laskos (tasos laskos gmail com)
Hey folks,

This is just to let you know that there's a new version of Arachni.

Arachni is a modular and high-performance (Open Source) Web Application
Security Scanner Framework written in Ruby.

The change-log is quite sizable but the gist is:
* License change, Apache License v2.
* Additio

[ more ]  [ reply ]
nullcon Goa 2013 Call For Papers/Events 2012-09-05
nullcon (nullcon nullcon net)

Hello! Aloha! Namaskar! Ni Hau! Guten Tag! Privet! Salam-wale-kum!
Hej! Ahoj! Bonjour! Terve! Ciao! Konnichiva! Selamat! Barev! Jum Reap
Sour! Selamat! ahnnyeong ha se yo! Salvete! Moien! Selamat datang!
Bonswa! sain baina uu! K

[ more ]  [ reply ]
QNAP Turbo NAS Multiple Path Injection 2012-09-04
Andrea Fabrizi (andrea fabrizi gmail com)
Vulnerability: Multiple Path Injection
Product: QNAP Turbo NAS
Vendor: QNAP
Version affected: <= 3.7.3 build 20120801
Status: Unpatched
Website: http://web.qnap.com/pro_detail_feature.asp?p_id=202
Discovered by: Andrea Fabrizi
Email: and

[ more ]  [ reply ]
t2â?²12: Challenge to be released 2012-09-01 10:00 EEST 2012-08-29
Tomi Tuominen (tomi tuominen t2 fi)
It is that time of the year again - weâ??re pleased to announce the
release of the t2â??12 Challenge!

This yearâ??s challenge starts from the homepage of a young woman who is
rumored to be the girlfriend of an infamous carder. To solve the
challenge, the participants need to step into investigator'

[ more ]  [ reply ]
WATOBO 0.9.9 release 2012-08-16
Andreas Schmidt (webappsec siberas de)
Hi everybody,

I've just pushed the final release of WATOBO 0.9.9 to rubygems.org.

= WATOBO - The Web Application ToolBox
WATOBO is intended to enable security professionals to perform
(semi-automated) web application security audits and penetration tests.

* Transparent Proxy Mode ->

[ more ]  [ reply ]
(Page 9 of 334)  < Prev  4 5 6 7 8 9 10 11 12 13 14  Next >


Privacy Statement
Copyright 2010, SecurityFocus