... neuere Einträge
Sunday, 17. July 2011
Guide to XSS
Am Sunday, 17. Jul 2011 im Topic 'Tutorials'
XSS aka Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code which is then executed within the victim's browser when the target site vulnerable to and injected with XSS is viewed. The script-code can be any language supported by the browser but mostly HTML and Javascript is used along with embedded Flash, Java or ActiveX.
In some cases where the XSS vulnerability is persistent as described further below, the attacker will not have to craft a link as the injected script is inserted directly into the target site and / or web application. The target user(s) still has to view the affected site / page where the injected code is located though.
Source
http://pastebin.com/X35W0tkD
by
MaXe
In some cases where the XSS vulnerability is persistent as described further below, the attacker will not have to craft a link as the injected script is inserted directly into the target site and / or web application. The target user(s) still has to view the affected site / page where the injected code is located though.
Source
http://pastebin.com/X35W0tkD
by
MaXe
Creepy Geolocation Gathering Tool 0.1.94
Am Sunday, 17. Jul 2011 im Topic 'Tools'
creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown, accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation
Download
https://github.com/ilektrojohn/creepy/downloads
Download
https://github.com/ilektrojohn/creepy/downloads
PHPmyadmin Finder - Perl
Am Sunday, 17. Jul 2011 im Topic 'Source Code'
This is a simple perl script that enumerates various possible directories on a given website in order to determine whether or not a phpMyAdmin instance may be installed.
Source
http://pastebin.com/1cbN2Yfm
Source
http://pastebin.com/1cbN2Yfm
WiRouter KeyRec 1.0.8
Am Sunday, 17. Jul 2011 im Topic 'Web Security'
WiRouter KeyRec is a powerful and platform independent piece of software that recovers the default WPA passphrases of the supported router's models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley).
Download
http://tools.salvatorefresta.net/WiRouter_KeyRec_1.0.8.zip
Download
http://tools.salvatorefresta.net/WiRouter_KeyRec_1.0.8.zip
UPDATE: Malware Analyzer v3.2
Am Sunday, 17. Jul 2011 im Topic 'News'
This is the official change log for the updated release:
Added ThreatExpert for online scanning option
Packed libraries onto single executable
Improved Traces signatures
Bug Fixes
Link
http://securityxploit.blogger.de/stories/1848885/
Added ThreatExpert for online scanning option
Packed libraries onto single executable
Improved Traces signatures
Bug Fixes
Link
http://securityxploit.blogger.de/stories/1848885/
... ältere Einträge