Bookmarks for February 26th through March 5th
These are my links for February 26th through March 5th:
- Fireforce – Fireforce is a Firefox extension designed to perform brute-force attacks on GET and POST forms.
Fireforce can use dictionaries or generate passwords based on several character types. Attacks can be performed on two separate fields using two distinct password sources. - Windows Incident Response: Looking for “Bad Stuff”, part I – Searching for unknown issues within a Windows image is always a tough thing
- 7 Things You Need to Know About HITECH | Optimal Security: The Lumension Blog – Today, Wednesday, February 17, 2010, marks one year since the HITECH Act of 2009 passed. This means that most of the Act’s provisions are now enforceable – particularly, the breach notification and penalties aspect of the Act. While most healthcare organizations are concerned about the “meaningful use” requirement, for us in the IT security space it is the expanded PHR safeguards that are important.
- Playbook | Introducing Flint – Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:* CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can’t match traffic.
* ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules
* SANITY CHECK CHANGES to see if new rules create problems.Flint is absolutely free. There’s no catch. You can download the source from our git repository. This isn’t the “play at home” version; it’s our second product, and we want to do it open source. Here you go!
- Snorby – All about simplicity. -
- Mavituna Security – Blog – WebRaider – Idea of this attack is very simple. Getting a reverse shell from an SQL Injection with one request without using an extra channel such as TFTP, FTP to upload the initial payload.
- The Omni Group – OmniDiskSweeper – OmniDiskSweeper is a utility for quickly finding and deleting big, useless files and thus making space on your hard disks.
- The Security Development Lifecycle : Casaba Releases Watcher 1.3.0 with Added SDL Integration – Hi everyone, Bryan here. We’ve written here before about Casaba Security’s Watcher tool and how it can help you verify compliance with several of the SDL web application security requirements
- Breaking Weak CAPTCHA in 26 Lines of Code | Bonsai – Information Security Blog – During one of our latest engagements we found a weak CAPTCHA implementation being used in the target Web application. The assessment was being performed on-site, and after identifying this vulnerability we started to talk with the CSO about how easy it would be to break it.
Related posts:
Categories: del.icio.us
Comments