Web Application Security
(Page 11 of 331)
[RAID 2011] Call for Participation 2011-08-12
Guofei Gu (smartgophy gmail com)
Apologies for multiple copies of this announcement.

14th International Symposium on Recent Advances in Intrusion Detection
(RAID'2011)

September 20-21, 2011
SRI International, Menlo Park, CA
http://www.raid2011.org

Call for Participation

==========================================================

RE: [Full-disclosure] CAT Version 1 Released - Web App Testing Tool 2011-08-09
Context IS - Disclosure (disclosure contextis co uk)
Under native Windows, CAT will only use IE to render the HTML. I can see your point as to why you might not want to use IE and I will look into adding in a Gecko rendering option for the next version.

Under Mono it uses the Mono provided WebBrowser control, which rendering engine is used depends

CAT Version 1 Released - Web App Testing Tool 2011-08-04
Context IS - Disclosure (disclosure contextis co uk)
Context App Tool (CAT) Version 1 has been released.
http://cat.contextis.com

CAT is a tool for manual web application penetration testing and includes the following features:
- Request Repeater - Used for repeating a single request
- Proxy - Classic Inline proxy
- Fuzz

Agnitio Security Code Review Tool v2.0 released 2011-08-04
David Rook (david a rook gmail com)
Hi,

I've released an update to Agnitio which I hope will help people
carry out security focused code reviews and find vulnerabilities in the
source code they are reviewing.

The major changes in v2.0 are listed below:

1) Basic code analysis module with rules for analysing Android and iOS
applicatio

jQuery is a Sink 2011-07-28
Stefano Di Paola (stefano dipaola wisec it)
Guys,
maybe the client side security people may be interested :
http://blog.mindedsecurity.com/2011/07/jquery-is-sink.html

Cheers,
Stefano

--
...oOOo...oOOo....
Stefano Di Paola
Software & Security Engineer

Owasp Italy R&D Director

Web: www.wisec.it
Twitter: http://twitter.com/WisecWisec
......

winAUTOPWN v2.7 - Released with a detailed 'HowTo' Document 2011-07-20
QUAKER DOOMER (quakerdoomer inbox lv)
Dear all,

This is to announce release of winAUTOPWN version 2.7
This version covers almost all remote exploits up till mid-July 2011 and a few older ones as well.

This version incorporates a few new commandline parameters: -perlrevshURL (for a PERL Reverse Shell URL), -mailFROM (smtpsender) an

Re: securing a deliberately vulnerable web app 2011-07-12
bournenapste (at) gmail (dot) com (bournenapste gmail com)
This is an article I would like everyone of us who are interested in
detecting the latest threats and Honeypots related stuff should read
this ===>

The Honeypot Incident - How strong is your UF (Reversing FU)
https://www.corelan.be/index.php/2011/01/31/the-honeypot-incident-how-strong-is-your-uf-rev

Analyzing the Biggest Bank Robbery in History 2011-07-12
Pete Herzog (lists isecom org)
Hi,

"I was at a cafe in Bern, Switzerland last year to meet with two other
ISECOMers: Nick Mayencourt, a Board Director and Philipp Egli an
ISECOM trainer and the talk turned to robbing banks. That's not
uncommon because Switzerland is very big on banking and also very big
on security, especial

[HITB-Announce] REMINDER: HITB2011 - Malaysia Call for Papers Closes on the 15th 2011-07-11
Hafez Kamal (aphesz hackinthebox org)
This is a reminder that the Call for Papers for the 9th annual
HITBSecConf in Malaysia is closing this Friday, 15th of July. The event
takes place from the 10th - 13th of October at the Intercontinental
Kuala Lumpur.

As always, talks that are more technical or that discuss new and never
before seen

Fwd: securing a deliberately vulnerable web app 2011-07-08
bournenapste (at) gmail (dot) com (bournenapste gmail com)
---------- Forwarded message ----------
From: bournenapste (at) gmail (dot) com <bournenapste (at) gmail (dot) com>
Date: Fri, Jul 8, 2011 at 9:52 AM
Subject: Re: securing a deliberately vulnerable web app
To: Robin Wood <robin (at) digininja (dot) org>

I will suggest use Xen -Hypervisor instead of Vmware because it
provides a be

RE: DOS Web App 2011-07-08
Karl Lockhart (karlockhart pureliquidawesome com)
Not sure if it serves your purpose but Selenium (seleniumhq.org) seems promising.

Rajesh Gopisetty <rgopise (at) microsoft (dot) com> wrote:

>You should be able to use any of the load testing tools to accomplish this task.
>
>Win-runner, Visual Studio Test Suite etc..
>
>-----Original Message-----
>From: lis

HTTP PARAMETER CONTAMINATION (HPC) 2011-07-05
Ivan Markovic (ivanm security-net biz)
Hello everyone, we have new research paper:

HTTP PARAMETER CONTAMINATION (HPC) original idea comes from the innovative
approach found in HPP research by exploring deeper and exploiting strange
behaviors in Web Server components, Web Applications and Browsers as a
result of query string parameter c

Re: securing a deliberately vulnerable web app 2011-07-05
Robin Wood (robin digininja org)
On 5 July 2011 22:32, Charlie Belmer <charlie.belmer (at) gmail (dot) com> wrote:
> Hi Robin,
>
> A couple of suggestions:
>
> Definitely VM it and roll it back frequently. You might want a list of
> warnings to watch for, like someone trying to install root kits or run
> certain shell commands, at which point

Re: securing a deliberately vulnerable web app 2011-07-05
Robin Wood (robin digininja org)
On 5 July 2011 16:56, arvind doraiswamy <arvind.doraiswamy (at) gmail (dot) com> wrote:
>
>
> On Mon, Jul 4, 2011 at 4:21 AM, Robin Wood <robin (at) digininja (dot) org> wrote:
>>
>> This is a question for anyone who runs a deliberately vulnerable web
>> app on a public facing site to allow people to test hacking it or t

Re: securing a deliberately vulnerable web app 2011-07-05
arvind doraiswamy (arvind doraiswamy gmail com)
> This is a question for anyone who runs a deliberately vulnerable web
> app on a public facing site to allow people to test hacking it or to
> test vulnerability scanners against it. I'm thinking of things like
> http://test.acunetix.com/ .

I'm not sure a lot of those (not necessarily the one you

securing a deliberately vulnerable web app 2011-07-03
Robin Wood (robin digininja org) (2 replies)
This is a question for anyone who runs a deliberately vulnerable web
app on a public facing site to allow people to test hacking it or to
test vulnerability scanners against it. I'm thinking of things like
http://test.acunetix.com/ .

What I'd like to know is how you go about securing the box the si

Re: securing a deliberately vulnerable web app 2011-07-06
Vedantam Sekhar (vedantamsekhar gmail com) (2 replies)
Re: securing a deliberately vulnerable web app 2011-07-08
dreamwvr (dreamwvr dreamwvr com) (1 replies)
Re: securing a deliberately vulnerable web app 2011-07-11
Robin Wood (robin digininja org)
Re: securing a deliberately vulnerable web app 2011-07-06
Robin Wood (robin digininja org)
Re: securing a deliberately vulnerable web app 2011-07-05
Jeremiah Cornelius (jeremiah nur net) (1 replies)
DOS Web App 2011-07-07
elton Sheffield (qawsedr1234 hotmail co uk) (1 replies)
RE: DOS Web App 2011-07-08
Rajesh Gopisetty (rgopise microsoft com)
Re: SQLi with backslash 2011-06-26
Robin Wood (robin digininja org) (1 replies)
On 26 June 2011 06:02, Voulnet <voulnet (at) gmail (dot) com> wrote:
> Yeah, I understood from you that the web app removes only the single
> and double quotes.
>
> So what kind of query would be executed on MySQL? is it:
> 1- insert into log values ('a','b');
> or
> 2- insert into log values (a,b); <-- I doub

Re: SQLi with backslash 2011-06-26
Voulnet (voulnet gmail com)
Copyright 2010, SecurityFocus