Bookmarks for November 3rd through December 16th
December 16th, 2009
View Comments
These are my links for November 3rd through December 16th:
- Millions of PDF invisibly embedded with your internal disk paths | SecureThoughts.com -
- Traffic Talk: Tips: SearchNetworkingChannel.com – by Richard Bejtlich
- Regular Expression Generator and Tester – I always find myself using regular expressions (a.k.a. regex) in my programming because they are often the best way to parse out bits and pieces from blocks of text. Ever since I discovered the online RegExr that has been my tool of choice, but sometimes it’s nice to have a dedicated application. Programs like RegexBuddy are awesome, but aren’t free.
- Laudanum: Injectable Functionality for Penetration Testing – Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments.They provide functionality such as shell, DNS query, LDAP retrieval and others.
- Eight Ways to Hack Oracle – DatabaseJournal.com -
- How to Disrupt a Botnet – SANS Computer Forensics, Investigation, and Response -
- Skeptikal.org: Cross-subdomain Cookie Attacks – I did a talk at Toorcon last weekend on exploiting client-side applications’ trust in subdomains. Primarily, it formalized and demonstrated a few attacks on cookies, which implement security policies backwards by placing more trust in a subdomain of a trusted domain, rather than less, as the hierachical nature of DNS would suggest.
- Five Mistakes of Security Policy -
Categories: del.icio.us
Comments