Archives

  • 2009
  • 2008
    • December
      • OWASP - AJAX Testing Survey
        12/28/08
        Today, I was working on reviewing all of the AJAX tools listed on the OWASP site. I would like to get input from the rest of the community to determine what are the best AJAX tools and why. If you're testing web applications with AJAX, please take a moment to review this survey:

        Clic

      • American Express bitten by XSS bugs (again)
        12/20/08
        http://www.theregister.co.uk/2008/12/20

      • A little Perl makes an 0day a good day
        12/16/08
        There was a recent 0day for IE 7; you may have heard a thing or two about it lately in the press. M$ is releasing an out-of-band patch tomorrow, http://isc.sans.org/diary.html?storyid=5497.

        meh.

        For those of you who wanted a bit easier route with the exploit, here is a few hel

      • Burpsuite 1.2 released!
        12/15/08
        My favorite web application testing framework has just been updated.

        http://seclists.org/webappsec/2008/q4/0041.html

        Awesome job PortSwigger! I look forward to many future releases.

        Regards,
        Jabra

      • Pidgin fail
        12/07/08
        Recently, a Red-Hat friend reminded me of an issue with Pidgin in that when you save your password, it is saved in clear-text.

        Linux/Unix:

        ~/.purple/accounts.xml

        Windows XP:

        C:\Documents and Settings\%USERNAME%\Application Data\.purple\accounts.xml
        <

    • October
    • September
    • June
    • April
    • February
    • January
  • 2007