Site Update since 2010-10-08
2010-11
------------
- Added Metasploit plugin - vhost_scannery.rb
2010-10
------------
- Updated HackerWebSearch
- Added XSS attack demo on Joomla! 1.5.20
- Added XSS advisory on Joomla! 1.5.20
2010-09
------------
- Updated modrewrite-securityrule
- Divided new tools section - joint
- Added new tool - inspath [Internal Path Disclosure Finder]
- http://yehg.net/lab/pr0js/files.php/inspath.zip
- Added new article - Path Disclosure Vulnerability
- http://yehg.net/lab/pr0js/view.php/path_disclosure_vulnerability.txt
- Added inj3ct0r in Hacker Web Search
2010-08
------------
- Added advisories:
http://yehg.net/lab/pr0js/advisories/joomla/%5Bcom_bc%5D_cross_site_scripting
http://yehg.net/lab/pr0js/advisories/joomla/%5Bcom_bcaccount%5D_persistent_cross_site_scripting
http://yehg.net/lab/pr0js/advisories/joomla/%5Bcom_blastchatc%5D_cross_site_scripting
http://yehg.net/lab/pr0js/view.php/%5Bphpmyadmin-3.3.5%5D_cross_site_scripting(XSS)
http://yehg.net/lab/pr0js/view.php/[adbard.net]_xss
http://yehg.net/lab/pr0js/view.php/[linkbucks.com]_xss,redirect
http://yehg.net/lab/pr0js/advisories/2wire/%5B2wire%5D_session_hijacking_vulnerability
- Updated Hacker Web Search Aggregator (aka. Ultimate Recon)
http://yehg.net/q
- Updated PHP Charset Encoder
http://yehg.net/e
- Added new article - Most Neglected Fact About CSRF
http://yehg.net/lab/pr0js/view.php/A_Most-Neglected_Fact_About_CSRF.pdf
- Divided advisory section into subcategories - commercial, open-source, web site
http://yehg.net/lab/#advisories
- Added XSS payload files with different extensions (jpg, css, js, htc), mostly from ha.ckers.org
http://yehg.net/lab/#words
- Added common Apache log file locations for reference that aids in LFI attacks
http://yehg.net/lab/pr0js/pentest/wordlists/others/apache_logs_loc.txt