Friday, 23. March 2012
DarkComet Analysis
Info
http://securityxploit.blogger.de/stories/1901179/



Configuration Check Tool
eEye Digital Security, the industry’s leading innovator of threat management solutions, just released new research, “Working Toward Configuration Best Practices”. Findings verify that proper configuration and mitigations remain the most effective way to secure IT infrastructure.

Info PDF
http://www.eeye.com/eEyeDigitalSecurity/media/ResearchPapers/eEye_ICWST_WP.pdf

Download
http://go.eeye.com/icwt



HTML5 Top 10 Attacks and Exploits
• ClickJacking & Phishing by mixing layers and iframe
• CSRF and leveraging CORS to bypass SOP
• Attacking WebSQL and client side SQL injection
• Stealing information from Storage and Global variables
• HTML 5 tag abuse and XSS
• HTML 5/DOM based XSS and redirects
• DOM injections and Hijacking with HTML 5
• Abusing thick client features
• Using WebSockets for stealth attacks
• Abusing WebWorker functionality

Download PDF
http://www.blackhat.com/html/bh-eu-12/bh-eu-12-archives.html#shah



GooDork - Linux
GooDork is a simple collection of Python scripts designed to bring the power of Google dorking straight to your command line.

Info
https://github.com/k3170makan/GooDork/wiki

Download
https://github.com/k3170makan/GooDork

Doxing a hosting server using GooDork
http://pastebin.com/VU7NArKL



Various Banks - XSS
Demo:
http://www.banki.ru/bitrix/rku.php?id=829&goto=http://xxxxx.com

Google Dork:
inurl:bitrix/rk.php

by
Sony and Flexxpoint



DOJOCON 2010 Videos
Full List:
http://ia600305.us.archive.org/1/items/DojoconVideos/
