Archive for the 'Web Applications' Category

WordPress Exploit Scanner

Wednesday, July 9th, 2008

This WordPress plugin searches the files on your site for a few known strings sometimes used by hackers, and lists them with code fragments taken from the files.

Posted in Code Audit, Vuln. Scanner, Penetration Testing, Web Applications | No Comments »

Scanners: New Nessus Release; New eEye Web Scanner

Friday, March 14th, 2008

Tenable released version 3.2.0 of their popular Nessus vulnerability scanner and eEye enters the arena of web application scanners by releasing Retina Web App Scanner.

Posted in Vuln. Scanner, Web Applications, Tools | No Comments »

Can I Evade ScanSafe Anywhere+ ?

Tuesday, January 29th, 2008

ScanSafe Anywhere+ is a very cool web security service which is intended to provide web content security for roaming users.

Posted in Firewalls, Web Applications | 3 Comments »

Googlehacks and Anti-Googlehacks

Wednesday, December 5th, 2007

Today I found 2 resources which are connected to the good old Google Hacking Database: Googlehacks and Google Hacking Honeypot.

Posted in Web Applications, Php, Fingerprinting, Tools | 1 Comment »

Nikto 2 Is Out There

Wednesday, November 14th, 2007

Nikto 2 is out! Finally :) I’m sure most of us have seen the funny message promising a new version real soon; well, it happened and you can check the huge Changelog here.

Posted in Vuln. Scanner, Web Applications, Tools | No Comments »

Free Web Application Firewall - Armorlogic Profense

Monday, October 1st, 2007

Although one may argue that a firewall does not really solve the security problems of an organization, I highly doubt anyone would design a modern network security schema without a solid firewall.
There are many open source network firewalls available on the market and this is why I was very glad to discover an open […]

Posted in Firewalls, Web Applications | 1 Comment »

Finjan Web Security Trends Report - Q3/2007

Tuesday, September 18th, 2007

One of the innovative research topics presented in the report is the security model of, and risk posed by, the various widgets which seem to be the hottest trend in GUI design. Whether built for the WWW, Windows Vista or the Macintosh OSX Dashboard, the widgets are everywhere, and Finjan found vulnerabilities in widgets and gadgets that enable attackers to gain control of user machines.

Posted in Web Applications, Articles | No Comments »

Security Tools Fast Links 1

Tuesday, September 4th, 2007

Security tools : Reflector for .NET; Security System Analyzer; Echo Mirage; soapUI

Posted in Vuln. Scanner, Web Applications, Tools | No Comments »

WASC Script Mapping Project extends RSnake XSS Cheat Sheet ?

Monday, September 3rd, 2007

On Aug. 27, WASC released the Script Mapping Project, which is intended to be an exhaustive reference on XSS vectors. What I fail to understand is why WASC didn’t include RSnake’s excellent XSS Cheat Sheet as a starting point. It’s not like they would be the first. OWASP already quotes RSnake’s work as a valuable resource.

Posted in Web Applications, Tools | No Comments »

Second PHP IDS in 3 months released by CoreLabs

Wednesday, August 22nd, 2007

CORE GRASP for PHP is web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations. The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine.

Posted in Sql Injection, Web Applications, Tools | 1 Comment »