Projects

0

Technika Security Framework

Posted by dk
August 3, 2007

I have been pre-occupied the last 2 weeks, developing an automated security framework for Technika.
Technika is a Firefox plugin that myself and pdp was toying with some months back. The original idea behind this project was to provide independent self-contained security tools based on JavaScript which can be loaded and executed from the browser. TS [...]

5

WordPress Securify

Posted by dk
January 16, 2007

WordPress Securify Plugin (WPSec)
Table of Contents:
Introduction
Installation
Development Documentation
Download

Introduction

WordPress has become one of the the most popular open source blogging software packages on the net. One of the reasons for its popularity is its powerful plugin API.

WordPress Securify (WPSec) is a security plugin for WordPress. Every hour the tests specified within WPSec will be executed. A count [...]

23

Web Backdoor Compilation

Posted by dk
December 18, 2006

Web Backdoor Compilation (wbc)
DK (http://michaeldaw.org)
Changelog

Date
Change

24 Apr 07
Anti-Virus Capabilities (Work done by Dancho Danchev)

14 Apr 07
Version 1b (pre 1.2 release):
perlcmd.cgi,
cfexec.cfm,
cmdasp.aspx

Dec/06
Version 1 release.

I have collected some WEB backdoors in the past to exploit vulnerable file upload facilities
and others. I think a library like this may be useful in a variety of situations.
Understanding how these backdoors work can [...]

8

Load Balancer Enumeration

Posted by dk
November 20, 2006

Load Balancer Enumeration
author: david.kierznowski_at_gmail.com
http://michaeldaw.org

Table of Contents:
0. Introduction
1. Dynamic DNS
2. Proxies
2a. Cookie Analysis
2b. Web Server Configuration issues
2c. Using the TCP/IP Stack
2d. Using HTTP Date: field
3. References

0. Introduction

Load balancing (performed by a load balancer) is a type of service performed by a computer that assigns work loads to a set of networked computer servers in such a [...]

2

WordPress Securify

Posted by dk
November 13, 2006

Update: 17/Jan/06 – WordPress Securify Plugin Released.
Update: 18/Nov/06 – Wordpress Securify v1.0b released
Changes include:
- Added Pre-Check functions to prevent overwriting important values.
- Added file/directory permission check
- Added function to change filenames with wp- extension.
- Added additional sanitity checks.

On the 11/11/06 _ANtrAX_ released a post on full-disclosure regarding a “Remote File Inclusion” vulnerability in WordPress [...]

Next Page