]]>
]]>
This document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.
Adobe categorizes this as a critical update and recommends affected users upgrade to version 10.0.12.
The Secunia PSI is the FREE security tool that is designed with the sole purpose of helping you secure your computer from software vulnerabilities. Software vulnerabilities affect all applications installed on your computer, from the Operating System down to your email client, office application, instant messaging, and so on.
In order to protect the majority of blogs which don't use these protocols against any possible security vulnerabilities we should disable them by default.
Les mecs confiants dans la sécurité de leur produit ...
Scrawlr, developed by the HP Web Security Research Group in coordination with the MSRC, is short for SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities.
Download a free trial of IBM Rational AppScan Standard Edition V7.7, previously known as Watchfire AppScan, a leading Web application security testing tool that automates vulnerability assessments and scans and tests for all common Web application vulnerabilities including SQL-injection, cross-site scripting and buffer overflow.
]]>
]]>
PHP Coding Practices - Become an expert PHP Programmer
]]>
Privacy Statement: The WordPress Online Scanner will collect information about potential vulnerabilities found on your blog during the scanning process. The information will be displayed to yourself and stored by the BlogSecurity team for statistical purposes and further research. This information includes, your blog name, template, plugins, vulnerabilities and any other test conducted by our tool. Your blog name and URL will not be made public, and is only stored to track abuse.
This article lists five of the "worst offenders" of misconfigurations of application security that are universally problematic for all ASP.NET Web-based applications. Part two of this article will list an additional five misconfigurations that are specifically applicable to ASP.NET sites that use Web Forms authentication
It's a simple tool that makes it easy to test CSRF using POST, hopefully demonstrating how prevalent CSRF vulnerabilities are as well as reducing the misconception that forging a POST request is complicated.
This project is devoted to demonstrating a weakness in public key encryption to an active sniffer in the form of a man-in-the-middle style attack, which essentially "taps" the connection of a machine and allows the attacker to view the contents of future encrypted sessions.
The Zero Day Initiative (ZDI), founded by TippingPoint, a division of 3Com, represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. The program's goal is threefold: 1. reward independent security research 2. promote and ensure the responsible disclosure of vulnerabilities 3. provide 3Com's TippingPoint division customers with the world's best security protection
LAS VEGAS--A strange two-wheeled creature was skimming through the halls of the Alexis Park Hotel on Sunday--a robot that sniffs out network vulnerabilities.
PHP Coding Practices - Become an expert PHP Programmer
Google engEDU 1 h 14 mn
Pentoo is a penetration testing LiveCD distribution based on Gentoo. It features a lot of tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities.
Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.
]]>
]]>