Interesting links – September 17
Potentially interesting links for September 17:
- Damn Vulnerable Web App – Example vulnerable PHP/MySQL web app for education. Lightweight, easy to use and full of vulnerabilities to exploit. See also this list of other intentionally vulnerable apps for training purposes at Ha.ckers.
- Origami: generate and analyze malicious PDFs – Parses, analyzes, and forges PDF documents. Use it to analyze and create customized PDFs on the fly, or to inject (evil) code into already existing documents. Written in Ruby.
- IETF Remediation of Bots in ISP Networks – (Via SANS) Draft recommendations for Internet Service Providers to deal with subscriber computers infected with malicious bots.
- BinScope Binary Analyzer – Analyzes binaries for compliance with Microsoft’s Security Development Lifecycle (SDL). Checks compiler/linker flags and verifies that strong-named assemblies are used, that up-to-date build tools are in place, and that the latest good ATL headers are being used. Also reports on dangerous constructs prohibited by MS’s SDL.
- MiniFuzz File Fuzzer – Basic fuzzer for novices. Creates multiple random variations of file content and feeds them to an application. Free from Microsoft.
Tags: analysis, botnet, bots, development, fuzzing, interesting, isp, microsoft, programming, reference