Archive for 'Interesting' Category
Interesting links – March 16
Potentially interesting links for March 16:
WhatWeb – Identify content management systems (CMS), blogging platforms, stats/analytics packages, JavaScript libraries, servers and more. Written in Ruby.
Analyzing the Accuracy and Time Costs of Web Application Security Scanners (pdf) – Tests of Acunetix, IBM AppScan, BurpSuitePro, Cenzic Hailstorm, HP WebInspect, NTOSpider, and Qualys. (NTOSpider wins for accuracy).
Web Security Dojo [...]
Interesting links – March 2
Potentially interesting links for March 2:
“Aurora” Response Recommendations (pdf) – Recommendations on how to defend against the “aurora” attacks used against Google and others. Internal DNS monitoring, VPN enrollments and (of course) better control of Windows endpoints are three key recommendations.
No more and = 1 – SQL injection and XSS testing assistant. Interactive and [...]
Interesting links – February 17
Potentially interesting links for February 17:
Security Scoreboard – Security product directory and rating site. Vendor independent. Community driven.
thrashd – Provides centralized rate-limiting services to one or many clients. Doesn’t block connections itself, but determines whether a connection should be blocked.
Guerilla Security Leadership – A fun rant from Mike Rothman about the lack of security leadership and getting [...]
Interesting links – January 11
Potentially interesting links for January 11:
wireplay – Facilitates fuzzing of unknown/custom protocols. Reads PCAP dumps of valid communication between the target server and its client application, then modifies the original data to introduce possible faults in the server and replays it to the server.
finddomains – Helps discover other domain names/web sites/virtual hosts hosted on a [...]
Interesting links – January 4
Potentially interesting links for January 4:
Ending the PCI Blame Game – Great article on the current crimeware plague draining bank accounts, with suggestions on how to deal with it. “Third-wave attacks are now, in my opinion, a national security concern, as this same technique can defeat security protections in place across the power grid [...]