Showing posts from May, 2009

Greasemonkey Script: WebPageFingerprint Series

WebScarab Demonstration Series

Passive Vulnerability Scanning with RatProxy

Attack Log Analysis with Scalp!

HTTP Form Brute Forcing With JHijack

Why JS Malwares are still prevelent and bypassing AV Scanners

Session Strength Analysis With Stompy

Checking Weak SSL Ciphers With THCSSLCheck

Discovering Browser Plugin Vulnerabilities

Owning the box via Web Browser Flaw

XSS in phpMyAdmin 2.11.7

OWASP WebGoat Web Hacking Simulation Series [over 40 Movies]

Trusting The Vulnerability Scanner: Danger of False Negative Sign

Owning the box Via Web Application Flaw

Performing Directory Brute-Force Attack

Evading Firefox XSS-Warning Addon Filter

Exploiting Logic Flaw

Finding XSS with Automated Tool [Interactive]

Finding XSS with Automated Tool

How Bad Guys Steal your Login Info Smartly

Desirable Input Validation Baseline Check

Attacking The Spammers with PhpMySpamFighter


Web Firewall Detector

Web Firewall Stress Tester

Joomla! Security/Vulnerability Scanner

Ultimate Hackerfox Addons


phpMyAdmin Configuration Security Checker

PHP Login Info Checker (LIC) v.01

Php-Brute-Force-Attack Detector

Apache mod_rewrite security rules





JHijackv.01 beta

GreaseMonkey:: Web Security Toolkit

Web Application Security Papers Archived (WASPA)

Multiple vulnerabilities in PhpMyAdmin

Gmail-Lite XSS Hole

CodeIgniter Global XSS Filtering Bypass Vulnerability

Ning.Com Captcha Protection Bypass Vulnerability

Input Flood Vulnerability in burglish chat

XSS Archive Screenshots

Apache Security Bypass Vulnerability in DOMPDF

Gmail-Lite Shell Code Execution Vulnerability

XSS-Warning Addon Filtering Bypass Vulnerability

Hacker Web Search Aggregator


Resource Directory

Web App Security Assessment Report Generator (WA-SARG)

What a perfect whitehat!

Better Study Strategies

A Dark Intro To Google Hacking

Php5 Built-in String Filter Functions For Security

Introducing Malware Script Detector

An Apache Trick to protect sensitive/backup files

Ongoing Web Application Security Model (OWA-SM)

An Apache Trick to prevent Shell File Attack

Directory Bruteforce Attack

Security Professional How to

Why Session Protection Fails

Ways to Protect Sensitive Files & Directories

Web Browser Plugins Vulnerabilities

Hunting for Backdoor Scripts

Things to do When you got hacked

Causes Of Security Flaws 101

What XSS Can Do

Defeating X-Rummer Spam Bot

Disclosure Vulnerability:phpinfo

Disclosure Vulnerability:robots.txt

A Nice Approach to IT Certifications

Next-Generation Phishing Attack