Archive for March, 2007

Al-Qaeda Plotting to Bring Down the Internet in the UK

Schneier’s blog discussed the recently released article about Al-Qaeda bringing down a critical internet hub in the UK, thereby disrupting the LSE and creating an economic nightmare.

I wonder if this will increase interest in your so-called tiger teams.


Web Spider with Microsoft Visio

I strongly believe that for a penetration tester to be effective, he or she must be able to envisage a web application in its entirety as a fundamental pre-requisite.

The Web Site Map template can produce a diagram of your Website structure, showing what is on each page (images, JavaScript, etc.) and how each element connects [...]


SQL Injection: Sleeping Giant

Michael Sutton from SPI Dynamics did some very cool research titled “How Prevalent are XSS Vulnerabilities” and a follow-up article titled “How Prevalent are SQL Injection Vulnerabilities”.


DNS-IP Tunneling

Working around Italy this last week got me thinking around bypassing hotel wired and wireless charged services. Before going into my post I have to say that the cathedral in “Centro” Milan almost brought tears to my eyes, magnificent.

Generally we have two protocols on which to build that do not require authentication to work. The [...]


WordPress is Backdoored

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. – WordPress.com

This is not the first time such a situation has occurred. A number of vendors over the [...]