  • The Month of Burp Pr0n

    The creators of BURP Proxy are making major updates to this free web proxy. "The next release of Burp Suite is near to completion, and will be made available during December if all goes well. This is a significant upgrade, with major enhancements to several existing components, and some exciting brand new tools. In fact,…

  • Wireshark 1.0.4 Released

    A new version of Wireshark (Ethereal) has been released to address multiple security issues. "Impact: It may be possible to make Wireshark crash by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file. Resolution: Upgrade to Wireshark 1.0.4 or later. Due to the nature…

  • Dave Aitel on Static Analysis Tools

    Dave Aitel has posted to dailydave with his thoughts on the static analysis industry. From his email: "So OWASP was dominated by lots of talk from and about static code analysis tools. I wandered around with a friend of mine at the various booths (CodeSecure [1], Fortify[2], IBM AppScan[3], Ounce Labs) and tried them all while…

  • Reviews: Security scans with OpenVAS

    "As important as security is, remaining current with every development is hard, and evaluating possible vulnerabilities across a network can be quite a chore. You need a way to both automate tests and make sure you’re running the most appropriate and up-to-date tests. Open Vulnerability Assessment System (OpenVAS) is a network security scanner that…

  • Tools: Scalp – Apache log analyzer for security

    Romain Gaucher posted the following email to The Web Security Mailing List today announcing a handy tool he authored. "I remember reading here a couple of emails about how to analyze the apache log in order to look for potential attacks. Since I needed to do exactly the same few times ago, I did a simple…

  • Samurai Web Testing Framework

    "As live CD’s have become more popular, specialized distributions have begun to emerge. One such specialty live CD is Samurai, a distribution squarely focused on web application penetration and vulnerability testing. Samurai is dubbed a "web testing framework" in much the same way that Metasploit is termed a framework. Samurai is sponsored by IntelGuardians…

  • Tools: Grendel Scanner a new Web Application Security Scanner

    While attending defcon I got to check out a talk on a new web application security scanner called Grendel scanner. For those of you who don’t know I used to work at spi dynamics on the webinspect product (now part of HP) and I got to say it is one of the more impressive looking…

  • Tools: Microsoft Announces Three Tools to help prevent SQL Injection

    "On Tuesday, Microsoft issued new tools to assist Microsoft ASP and ASP.NET technologies against recent Web-based attacks. In April attackers went after Microsoft SQL sites by injecting malicious JavaScript onto legitimate sites. The JavaScript would direct a browser to a server hosting malicious software infecting the desktop with a variety of exploits. At the time…

  • Tools: Peach 2.1 Fuzzing Framework BETA3 Released

    From the 'Millions of peaches, peaches for me. Millions of peaches, peaches for free' department. The following was posted to the full disclosure mailing list. "Peach 2.1 BETA3 has been released! This new beta includes a lot of changes and makes Peach feature complete for the 2.1 release coming in the next month or…

  • Tools: Peach Fuzzer Framework 2.1 BETA2 Released

    The following was sent to the daily dave list today by Michael Eddington: "The latest in the Peach 2 series has been posted. This release includes many bug fixes, features, improvements, and supersedes 2.0 as the recommended version to use. * Fuzzers written in XML by defining data definitions * Unittests to improve stability and…

  • Tool Release: tmin: Fuzzing test case optimizer

    Michal Zalewski has released tmin. From his announcement to bugtraq: "I'd like to announce tmin – a free, quick, and handy tool to quickly and effortlessly minimize the size and syntax of complex test cases in automated security testing. I found the tool to be remarkably useful, as it saved me from hours of manual…

  • Getting to see an enigma machine at RSA 2008

    My week at RSA has been fairly interesting. One of the highlights was getting to see an enigma at the NSA booth. Here is a short video I made of the NSA Museum employee explaining how it works.

  • Meet the hacker Fyodor, creator of Nmap

    There is a short interview at techtarget with the creator of nmap 'fyodor'. Interview Link: http://searchsecurity.techtarget.com.au/topics/article.asp?DocID=1288741

  • xmitm: xml man in the middle tool

    An interesting post on intercepting flash XMPP traffic. "This post is a result of ideas and tools developed during the review of client-side applications that use the XMPP protocol to communicate with a server (opening a raw socket, not using HTTP as a transport). The only way we could think of getting our hands on…

  • Cracking passwords the Web application way: A rundown of web based haxoring tools

    This article reviews various tools that can be used to brute force web forms and web based auth. "This mish-mash of security is the basis of Web login vulnerabilities and why passwords are often easily cracked. Be it form-based, HTTP Basic, or NT LAN Manager (NTLM) (the three main types of authentication that most applications…

  • Tools: SWFIntruder released

    Stefano writes "The first release of SWFIntruder has been released today by Stefano Di Paola, CTO of Minded Security. SWFIntruder (pronounced Swiff Intruder) is the first tool specifically developed for analyzing and testing security of Flash applications at runtime. It helps to find flaws in Flash applications using the methodology originally described in Testing Flash…

  • Why crawling doesn’t matter

    tssci has a VERY long post about crawling in relation to vuln assessments. "This post isn’t intended to be a retort to Jeremiah Grossman’s post last month on Why crawling matters, but more of a follow-up post to my latest blog entry on Why pen-testing doesn’t matter. Hint: both pen-testing and crawling are still important/matter,…

  • Nikto 2 released

    Sullo writes "Nikto is an open source (GPL) web server scanner which performs tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Version 2 adds a ton of enhancements, including: – Fingerprinting web servers via favicon.ico…

  • AppsecInc Granted Database Encryption Patent

    United States Patent 7266699 was issued to AppSecInc. From the patent: "The invention provides a transparent encryption infrastructure which allows the user to point-and-click on columns and tables to encrypt data. The creation of triggers and views are also easily implemented, to encrypt and decrypt data, to manage the encryption keys and to grant and…

  • Visual Studio Plugin XSSDetect Available To Detect Cross-Site Scripting In Your Code

    "One of the biggest, constant problems we've seen our enterprise customers deal with and we here at Microsoft have to also contend with is that of the XSS (Cross Site Scripting) bug. It's very common and unfortunately, still an issue we have to deal with in many web applications. Internally, the ACE Team has been…

  • Article: Analyzing the Effectiveness and Coverage of Web Application Security Scanners

    Larry Suto has written a paper reviewing Webinspect, Appscan, and NTO Spider. From the article: "The study centered around testing the effectiveness of the top three web application scanners in the following 4 areas. 1. Links crawled 2. Coverage of the applications tested using Fortify Tracer 3. Number of verified vulnerability findings 4. Number of…

  • How to Turn Your Browser Into a Weapon

    "I wrote about three of my favorite Firefox extensions that help me stay safe when I'm browsing the darker areas of the Web and incoming email. Today, let's look at three other extensions: Those that can turn Firefox into a feature-filled, Web-hacking weapon. These extensions aren't required to use Firefox for hacking Web applications, but…

  • Rolling Review Wrap-up: Web Application Scanners

    The final review of Web application security scanners has been released by darkreading. "As we wrap up our four-month Rolling Review series, we do want to award some partial credit. While only IBM's WatchFire AppScan automatically handled our Ajax applications, Acunetix Web Vulnerability Scanner, Cenzic Hailstorm and Hewlett-Packard WebInspect (post-update) were capable of analyzing and…

  • Free Automated Web Application Firewall From Armorlogic

    "Armorlogic, the Danish web application firewall provider, announces Profense™ Base, the only automated web application firewall available for free. And there is no catch. Free means free for commercial as well as non-commercial use, without time limitation." "ISO images and software licenses are available from www.armorlogic.com." I've never heard of this company or tried this.…

  • Rolling Review: N-Stalker Web App Scanner

    "The range of products calling themselves "security scanners" is so broad that the designation is flirting with irrelevance. You have your vulnerability assessment software, which uses large databases of known vulnerabilities. Then there are penetration-testing applications that focus on fewer vulnerabilities but include the ability to exploit flaws instead of just identify them. More relevant…