Penetration Testing Mode:
(Page 7 of 636)
Cookie based SQL Injection 2012-03-06
Adam Behnke (adam infosecinstitute com)

All data sent by the browser to a Web application, if used in a SQL query, can be manipulated in order to inject SQL code: GET and POST parameters, cookies and other HTTP headers. Some of these values can be found in the environment variables. The GET and POST parameters are typically entered

A survey on web application security 2012-03-01
Hannes Holm (Hannes Holm ics kth se)
Hi all,

I would like to invite you to participate in a survey investigating the effort required to discover web application input validation vulnerabilities given different scenarios - a topic that needs further exploration. This survey is carried out by a research group from the Royal Institute of

OWASP Top 10 penetration testing software? 2012-02-28
webcat (matthew mckinzie lewin com) (7 replies)

Hi, for one of my websites, I have been required to use a web application
scanner that tests against the OWASP Top Ten threats. I'm looking for a
scanner that does this that is inexpensive or free.

Possible scanners I've found for this include the OWASP Zed Attack Proxy
Project, Sonar, and w3af, b

Re: OWASP Top 10 penetration testing software? 2012-02-28
Nathalie Vaiser (nvaiser gmail com)
Re: OWASP Top 10 penetration testing software? 2012-02-28
David Mirza (dma subgraph com)
Re: OWASP Top 10 penetration testing software? 2012-02-28
psiinon (psiinon gmail com) (1 replies)
Re: OWASP Top 10 penetration testing software? 2012-03-05
Zaki Akhmad (zakiakhmad gmail com) (1 replies)
Re: OWASP Top 10 penetration testing software? 2012-03-05
psiinon (psiinon gmail com) (1 replies)
RE: OWASP Top 10 penetration testing software? 2012-03-05
Adam Behnke (adam infosecinstitute com)
Re: OWASP Top 10 penetration testing software? 2012-02-28
Tim Gonzales (tim gonzales gmail com)
Re: OWASP Top 10 penetration testing software? 2012-02-28
martin mngoma gmail com (1 replies)
Re: OWASP Top 10 penetration testing software? 2012-02-28
Robert Wood (robertwood50 gmail com) (1 replies)
Re: OWASP Top 10 penetration testing software? 2012-02-28
martin mngoma gmail com
Re: OWASP Top 10 penetration testing software? 2012-02-28
Michele Orru (antisnatchor gmail com)
Re: OWASP Top 10 penetration testing software? 2012-02-28
M. Hani Benhailes (kroosec gmail com) (1 replies)
Re: OWASP Top 10 penetration testing software? 2012-02-28
webcat (matthew mckinzie lewin com)
Circumventing NAT via UDP hole punching. 2012-02-22
Adam Behnke (adam infosecinstitute com)
A new write up at InfoSec Institute on circumventing NAT. While this is
nothing new, not a lot of people actually understand how this works.  

The process works in the following way. We assume that both the systems A
and B know the IP address of C.

a) Both A and B send UDP packets to the host C. A

Shakacon 2012: Honolulu, HI - June 18-21 2012-02-22
Shakacon (info shakacon org)
Bring your board, booze, and sunscreen it is time for:

----++++++++++++++++++++++++++++++++++++----
Shakacon IV - Honolulu Hawaii

"Sun, Surf, and C Shells"

CALL FOR PAPERS

www.shakacon.org/CFP.txt
----++++++++++++++++++++++++++++++++++++----

Who: Shakaco

On-line pentesting course 2012-02-20
Piotr Dyga (piotr dyga software com pl)

PenTest Laboratory is a training platform founded and led by the creators of
PenTest Magazine. I would like to propose your participation in a new
initiative - on-line penetration testing courses. Courses will be led by
Jeremy Faircloth, well known IT security expert with over 20 years of
experienc

[New tool] sqlmap plugin for burpsuite 2012-02-21
cr0hn (dani madesyp com)
Hello everybody,

I have released a plugin for burpsuite that allows sending URLs to sqlmap
with a simple right mouse click.

You can find the doc and tool at:

http://blog.buguroo.com/?p=2471

Regards!

Re: Bypass grub edit protection password 2012-02-09
Carlos Pantelides (carlos_pantelides yahoo com) (2 replies)
Have you access to any other account? Is there any network service running? Being centos 4.1 (2005-Oct-21 says the mirror) if it is unpatched perhaps you can find a vulnerability and gain more access.

 
nmap it, is sshd running? try 500 most common passwords. Do you have time? try a bigger dictiona

Re: Bypass grub edit protection password 2012-02-10
Juan Pablo (juan quine gmail com)
Re: Bypass grub edit protection password 2012-02-10
Justin Rogosky (jrogosky gmail com) (1 replies)
Re: Bypass grub edit protection password 2012-02-10
Carlos Pantelides (carlos_pantelides yahoo com)
Creating backdoors using SQL Injection 2012-02-09
Adam Behnke (adam infosecinstitute com)
An InfoSec Institute Review on Creating backdoors using SQL Injection:

http://resources.infosecinstitute.com/backdoor-sql-injection/

A novel technique that highlights the risk of not chrooting your SQL
servers.

Bypass grub edit protection password 2012-02-09
Nik (foringer gmail com) (3 replies)
Hello list!

I'm doing a physical pentest of the blackbox network security device
and need your help in it :).

Device is a hardware protected linux box with serial and ethernet
ports available. It is running on Intel platform.

Conditions of the testing are that I need to receive privilege (root)
ac

Re: Bypass grub edit protection password 2012-02-09
Shohn Trojacek (trojacek gmail com)
Re: Bypass grub edit protection password 2012-02-09
Ian Hayes (cthulhucalling gmail com) (1 replies)
Re: Bypass grub edit protection password 2012-02-10
Mark (security internecto net)
Re: Bypass grub edit protection password 2012-02-09
Adrián Puente Z. (apuente hackarandas com)
Copyright 2010, SecurityFocus