News
wp-scanner online released
I released an online version of my WordPress vulnerability scanner. Its still in its initial stages, I will work on risk highlighting, discussion and recommendations shortly.
Go give your blog a test, details here. Feedback most welcome and encouraged.
WordPress Vulnerability Scanner
Just a quick note: A new version of my wp-scanner is available.
Check it out at BlogSecurity.
The command line version is no longer supported but is available here by request.
$ perl -x wp-scanner.pl http://testblog/wordpress/
WordPress Scanner starting: David Kierznowski (http://michaeldaw.org)
Using plugins dir: wp-content/plugins
[*] Initial WordPress Enumeration
[*] Finding WordPress Major Version
[*] Testing WordPress Template for XSS
WordPress Basic Results
[...]
MD Hacker Anthology Starts Today
The June 2007 Hacker Anthology Competition kicks off today!
Submissions are now being accepted. Good luck.
Web Backdoors Getting Better
pentestmonkey sent me a link to his latest projects, “php-reverse-shell” and “perl-reverse-shell”. He has some great ideas here and I will definately be taking a look at these projects, and hope to add them to the Web Backdoor Compilation in an upcoming release.
There is still alot of work that needs to be done in this [...]
Michael Daw Anthology
michaeldaw.org is pleased to announce the first “Michael Daw Anthology” award.
For those of you curious, anthology is a collection of published works. The original idea behind the michaeldaw.org website was to build stories upon a fictional hacking icon named, Michael Daw, as well as to host other security related material. As a close friend [...]
