February 1st, 2007
OSSTMM guru Pete Herzog today released an interesting guide on social engineering assessments. It will be an integral part of the soon-to-be-released Open Source Security Testing Methodology Manual v3.0. Get it here: http://www.isecom.org/osstmm3.HUMSEC.draft.pdf
If you enjoyed this post, make sure you subscribe to my RSS feed!
Posted in Social Engineering, Penetration Testing, Guidelines
January 30th, 2007
The Open Web Application Security Project (OWASP) has released the first draft of the 2007 edition of the Ten Most Critical Web Application Security Vulnerabilities. Over the years, this document has turned into a de facto web application vulnerability checklist. Briefly, these are the 2007 Ten Most Critical Web Application Security Vulnerabilities:
A1 – Cross Site Scripting (XSS)
A2 – Injection Flaws
A3 – Malicious File Execution
A4 – Insecure Direct Object Reference
A5 – Cross Site Request Forgery (CSRF)
A6 – Information Leakage and Improper Error Handling
A7 – Broken Authentication and Session Management
A8 – Insecure Cryptographic Storage
A9 – Insecure Communications
A10 – Failure to Restrict URL Access
You can download it here
Posted in Web Applications
January 27th, 2007
Ever wondered how you could find all the sub-domain hosts of a domain, starting your search from nothing but the domain name? Well, RSnake wrote a Perl tool to do just that: dig for unknown hosts within a given domain. The tool is called Fierce Domain Scanner and you can get it here: http://ha.ckers.org/fierce/
Posted in Fingerprinting, Tools
January 27th, 2007
Jim Manico posted a good list of Java source code audit tools on the Webappsec mailing list:
Posted in Code Audit, Web Applications, Tools
January 27th, 2007
Ever wondered how random a randomly generated session ID really is? Because a lot of web applications rely on the session ID for all of their authentication and authorization, knowing the strength of the algorithm behind the session ID generation is essential. Michal Zalewski released a new tool precisely for this purpose: Stompy, the session stomper. Get it here: http://lcamtuf.coredump.cx/stompy.tgz
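To make the point concrete, here is an added example (my own illustration, not Stompy's code and far simpler than its statistical tests) of what an assessment of a sample of session IDs looks like. It compares a constructed weak generator (a counter followed by a Unix timestamp, both in hex) with 64-bit IDs from the OS CSPRNG, and reports per-position Shannon entropy, the number of positions that never change, uniqueness, and whether consecutive IDs differ by a near-constant delta. All sample data is generated inline; the weak generator is hypothetical.

```python
import math
import secrets
from collections import Counter


# Constructed weak generator (hypothetical): counter + Unix timestamp, 8 hex digits each.
# It looks random at a glance but every ID is predictable from the previous one.
def weak_session_ids(n, start=1000, epoch=1700000000):
    return [f"{start + i:08x}{epoch + i:08x}" for i in range(n)]


# A sound generator: 64 bits from the operating system CSPRNG.
def strong_session_ids(n):
    return [secrets.token_hex(8) for _ in range(n)]


def positional_entropy(ids):
    """Shannon entropy (bits) of each character position across the sample.
    Assumes all IDs have the same width."""
    n = len(ids)
    width = len(ids[0])
    if any(len(s) != width for s in ids):
        raise ValueError("session IDs in the sample must have equal length")
    per_pos = []
    for i in range(width):
        counts = Counter(s[i] for s in ids)
        per_pos.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return per_pos


def neighbour_predictability(ids):
    """Fraction of consecutive pairs that share the single most common numeric delta.
    A counter- or clock-driven generator produces an almost constant delta."""
    values = [int(s, 16) for s in ids]
    deltas = Counter(b - a for a, b in zip(values, values[1:]))
    return deltas.most_common(1)[0][1] / (len(values) - 1)


def assess(ids):
    """Summarise the sample. bits_estimate is an upper bound: per-position entropy
    ignores correlation between positions, which is why the delta test is also needed."""
    per_pos = positional_entropy(ids)
    return {
        "bits_estimate": round(sum(per_pos), 2),
        "fixed_positions": sum(1 for h in per_pos if h == 0.0),
        "unique_ratio": len(set(ids)) / len(ids),
        "predictable": neighbour_predictability(ids) > 0.5,
    }


if __name__ == "__main__":
    print("weak  :", assess(weak_session_ids(256)))
    print("strong:", assess(strong_session_ids(256)))
```

On a real application you would collect a few hundred IDs by repeatedly requesting a fresh session from your own server and feed them to `assess`; a low `bits_estimate`, many fixed positions or a `predictable` verdict means the session cookie is protecting nothing. Stompy goes much further (its battery of statistical tests is designed to catch subtler structure than a constant delta), so treat this as the minimum check, not a replacement.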
Posted in Web Applications, Tools
January 26th, 2007
I had to analyze a web application written completely in Flash. The first step is to decompile the .swf file and extract as many resources as possible. There are three tools, each with its own pros and cons:
Sothink SWF Decompiler - commercial tool, great interface
Swfmill - open source, very flexible
swf2html - from the Macromedia Flash Search Engine SDK
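Before reaching for any of those tools it helps to know what they are actually doing. As an added example (my own code, not part of the post or of any of the tools above), here is a small Python parser that does the first part of the job by hand: read the SWF header, inflate a zlib-compressed (CWS) body, walk the tag list, and pull printable strings out of a tag payload. The tag codes come from the SWF file format specification; the file it parses is constructed inline.

```python
import struct
import zlib

# Subset of tag codes from the SWF file format specification.
TAG_NAMES = {
    0: "End", 1: "ShowFrame", 2: "DefineShape", 6: "DefineBits",
    9: "SetBackgroundColor", 12: "DoAction", 24: "Protect", 26: "PlaceObject2",
    39: "DefineSprite", 56: "ExportAssets", 59: "DoInitAction",
    69: "FileAttributes", 76: "SymbolClass", 82: "DoABC", 87: "DefineBinaryData",
}


def parse_swf(data):
    """Parse the SWF header and walk the tag list; returns header fields and tags."""
    sig, version, declared_len = struct.unpack_from("<3sBI", data, 0)
    if sig == b"FWS":                       # uncompressed
        body = data[8:]
    elif sig == b"CWS":                     # zlib-compressed body (SWF 6 and later)
        body = zlib.decompress(data[8:])
    elif sig == b"ZWS":
        raise ValueError("LZMA-compressed SWF (ZWS) is not handled by this example")
    else:
        raise ValueError("not a SWF file")
    # Frame size is a RECT: 5-bit Nbits, then four Nbits-wide fields, padded to a byte.
    nbits = body[0] >> 3
    pos = (5 + 4 * nbits + 7) // 8
    frame_rate = struct.unpack_from("<H", body, pos)[0] / 256.0   # 8.8 fixed point
    frame_count = struct.unpack_from("<H", body, pos + 2)[0]
    pos += 4
    tags = []
    while pos + 2 <= len(body):
        code_and_len = struct.unpack_from("<H", body, pos)[0]
        pos += 2
        code, length = code_and_len >> 6, code_and_len & 0x3F
        if length == 0x3F:                  # long form: explicit 32-bit length follows
            length = struct.unpack_from("<I", body, pos)[0]
            pos += 4
        payload = body[pos:pos + length]
        pos += length
        tags.append({"code": code, "name": TAG_NAMES.get(code, f"Unknown({code})"),
                     "length": length, "payload": payload})
        if code == 0:                       # End tag terminates the list
            break
    return {"version": version, "declared_length": declared_len,
            "actual_length": 8 + len(body), "frame_rate": frame_rate,
            "frame_count": frame_count, "tags": tags}


def printable_strings(payload, min_len=4):
    """Printable ASCII runs in a tag payload: URLs, hostnames, hard-coded secrets."""
    out, run = [], bytearray()
    for b in payload + b"\x00":
        if 32 <= b < 127:
            run.append(b)
        else:
            if len(run) >= min_len:
                out.append(run.decode("ascii"))
            run = bytearray()
    return out


# --- constructed sample file (not a real application) ---------------------------
def _tag(code, payload=b""):
    if len(payload) < 0x3F:
        return struct.pack("<H", (code << 6) | len(payload)) + payload
    return struct.pack("<H", (code << 6) | 0x3F) + struct.pack("<I", len(payload)) + payload


def _rect(xmin, xmax, ymin, ymax, nbits=15):
    bits = format(nbits, "05b") + "".join(format(v, f"0{nbits}b") for v in (xmin, xmax, ymin, ymax))
    bits += "0" * (-len(bits) % 8)
    return int(bits, 2).to_bytes(len(bits) // 8, "big")


def build_sample_swf(compress=False):
    """Minimal one-frame SWF with a Protect tag and a DoAction that traces 'hello'."""
    # ActionScript 2 bytecode: ActionPush string "hello" (0x96), ActionTrace (0x26), ActionEnd
    actions = b"\x96\x07\x00\x00hello\x00" + b"\x26" + b"\x00"
    body = (_rect(0, 11000, 0, 8000) + struct.pack("<HH", 12 << 8, 1)   # 12 fps, 1 frame
            + _tag(69, b"\x00\x00\x00\x00") + _tag(9, b"\xff\xff\xff")
            + _tag(24) + _tag(12, actions) + _tag(1) + _tag(0))
    header = struct.pack("<BI", 8, 8 + len(body))                      # version 8, total length
    return (b"CWS" + header + zlib.compress(body)) if compress else (b"FWS" + header + body)


if __name__ == "__main__":
    info = parse_swf(build_sample_swf(compress=True))
    for t in info["tags"]:
        print(f"{t['name']:20} {t['length']:6} {printable_strings(t['payload'])}")
```

Two things worth noticing when you run it on a real file: the Protect tag (code 24) is only an advisory flag that the Flash authoring tool honours, so its presence does not stop any of the decompilers above; and a CWS body can inflate to far more than the file size, so compare `declared_length` with `actual_length` and cap decompression before feeding untrusted files to a full decompiler.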
Posted in Web Applications, Tools
January 26th, 2007
SecurityFocus has a story about a new book on testing the security of new applications. Testing Fault Injection in Local Applications proves to be a great resource: it describes local resources and interprocess communication, enumerates the local resources an application depends on, and discusses methods of testing several of those types of resources. Read the full story here: http://www.securityfocus.com/infocus/1886
Posted in Articles
January 21st, 2007
SecureMac.com has released version 2.3 of MacScan, its anti-spyware program for Mac OS X. Version 2.3 adds a blacklisted cookie scanner: it maintains a list of known tracking cookies and, when run, removes them from any web browser in which they are found. Version 2.3 also adds file cleaning support for additional browsers. Get it at http://macscan.securemac.com/
Posted in Mac OS X
January 19th, 2007
These are the best online resources in web application security:
Posted in Web Applications, Articles
January 19th, 2007
OWASP is happy to announce the first release of OWASP Pantera - Web Assessment Studio. Pantera is a mix between a pentest proxy, an application scanner, and an intelligent analysis framework. Pantera's goal is to leave the analysis and automatic (repetitive) stuff to the engine, leaving only the important decisions to the security expert.
Great tool!
OWASP Pantera Web Assessment Studio Project
Posted in Penetration Testing, Web Applications, Tools