websec.wordpress.com
Reiners' Weblog | anything about Web Securityanything about Web Security (by Reiners)
http://websec.wordpress.com/
anything about Web Security (by Reiners)
http://websec.wordpress.com/
TODAY'S RATING
>1,000,000
Date Range
HIGHEST TRAFFIC ON
Friday
LOAD TIME
0.8 seconds
16x16
32x32
PAGES IN
THIS WEBSITE
16
SSL
EXTERNAL LINKS
143
SITE IP
192.0.78.13
LOAD TIME
0.771 sec
SCORE
6.2
Reiners' Weblog | anything about Web Security | websec.wordpress.com Reviews
https://websec.wordpress.com
anything about Web Security (by Reiners)
websec.wordpress.com
Talks | Reiners' Weblog
https://websec.wordpress.com/talks
Anything about Web Security. Static Detection of Vulnerabilities in Modern PHP Applications. 26112014, Bochum, Germany, Hackerpraktikum. Https:/ www.nds.rub.de/teaching/hackpra/. Code Reuse Attacks in PHP: Automated POP Chain Generation. 04112014, Scottsdale (AZ), USA, CCS. Http:/ www.sigsac.org/ccs/CCS2014/pro paper.html. Static Detection of Second-Order Vulnerabilities in Web Applications. 21082014, San Diego (CA), USA, Usenix Security. 22022014, San Diego (CA), USA, NDSS. Https:/ www.gdata.de. Http:/ ...
February | 2013 | Reiners' Weblog
https://websec.wordpress.com/2013/02
Anything about Web Security. Project RIPS v0.54 – Status. February 1, 2013. I just updated RIPS. And fixed some JavaScript errors that came up due to the latest browser updates (thank you for the reports). You can download it here. Now the code viewer and other window features should work again. At the same time I am announcing that the current version of RIPS will not. Planned. Any updates will be released here or via twitter. The project continues … =). You are currently browsing the Reiners' Weblog.
Tools | Reiners' Weblog
https://websec.wordpress.com/tools
Anything about Web Security. This little tool scans PHP Scripts for potential vulnerable PHP functions and then traces back its parameters. With this you can easily see if a parameter of a vulnerable function comes from userinput. Additionally PHP Scanner allows you to mark those lines in the source (bottom frame) and build custom CURL code to exploit the issues found. New and open source version: see RIPS). RIPS – A static source code analyser for vulnerabilities in PHP scripts. Would you mind to give a...
Secuinside CTF 2013 writeup – The Bank Robber | Reiners' Weblog
https://websec.wordpress.com/2013/05/26/secuinside-ctf-2013-writeup-the-bank-robber
Anything about Web Security. Secuinside CTF 2013 writeup – The Bank Robber. This weekend I had a look at the secuinside CTF. Web challenges. As last year I really enjoyed them, thank you to the author. Of a bank robber crew. It had two security vulnerabilities one had to identify and exploit step by step. First, a SQL Injection. Was exploited to read the applications source code. Then the source code was analyzed for a File Disclosure. Vulnerability to read the flag file. Note that we had to use double u...
Project RIPS v0.54 – Status | Reiners' Weblog
https://websec.wordpress.com/2013/02/01/project-rips-v0-54-status
Anything about Web Security. Project RIPS v0.54 – Status. I just updated RIPS. And fixed some JavaScript errors that came up due to the latest browser updates (thank you for the reports). You can download it here. Now the code viewer and other window features should work again. At the same time I am announcing that the current version of RIPS will not. Planned. Any updates will be released here or via twitter. The project continues … =). You can follow any responses to this entry through the RSS 2.0.
TOTAL PAGES IN THIS WEBSITE
16
grep Archives - Null Security
http://security.iam-null.com/tag/grep
Archives for : grep. Bypass preg replace… ou pas! Posted by : Miaou le chat thon. On : 25 octobre 2011. Bypass preg replace… ou pas! Bon, ben c’est un peu le fail tout ça quand même… Je me couche pas exprès pour aller en cours à 8h et j’suis tellement dans la rédaction de mon article que j’oublie totalement d’y aller! Pas grave, je rate pas celui de 9h30 (pitain, qu’est-ce que ma vie est intéressante, vous trouvez pas? Donc dans cette deuxième partie, de quoi allons nous parler? Hé bien, de preg replace!
htmlspecialchars Archives - Null Security
http://security.iam-null.com/tag/htmlspecialchars
Archives for : htmlspecialchars. Bypass preg replace… ou pas! Posted by : Miaou le chat thon. On : 25 octobre 2011. Bypass preg replace… ou pas! Bon, ben c’est un peu le fail tout ça quand même… Je me couche pas exprès pour aller en cours à 8h et j’suis tellement dans la rédaction de mon article que j’oublie totalement d’y aller! Pas grave, je rate pas celui de 9h30 (pitain, qu’est-ce que ma vie est intéressante, vous trouvez pas? Donc dans cette deuxième partie, de quoi allons nous parler? Bon, d’...
ls Archives - Null Security
http://security.iam-null.com/tag/ls
Archives for : ls. Bypass preg replace… ou pas! Posted by : Miaou le chat thon. On : 25 octobre 2011. Bypass preg replace… ou pas! Bon, ben c’est un peu le fail tout ça quand même… Je me couche pas exprès pour aller en cours à 8h et j’suis tellement dans la rédaction de mon article que j’oublie totalement d’y aller! Pas grave, je rate pas celui de 9h30 (pitain, qu’est-ce que ma vie est intéressante, vous trouvez pas? En tout cas, je vais quand même prendre le risque de rédiger cet article avant de partir!
Resources - Red Pill Security
http://www.redpillsecurity.net/resources
The gentleman’s guide to forum spies (spooks, feds, etc.). The gentleman’s guide to forum spies (spooks, feds, etc.). Open Source is a great idea and it has changed the world! 8211; Carnal0wnage &; Attack Research Blog. 8211; McGrew Security Blog. 8211; Information Security Think Tank. 8211; Don`t Learn to HACK – Hack to LEARN. 8211; A personal blog of Tom Eston. 8211; Richard Bejtlich’s blog on digital security. 8211; Blatherings of a Security Addict. 8211; By EnableSecurity. 8211; Rapid7 Community.
M@gn0B4lt - Security - Hacking - Programming - Linux: mayo 2010
http://magnobalt.blogspot.com/2010_05_01_archive.html
M@gn0B4lt - Security - Hacking - Programming - Linux. Miércoles, 12 de mayo de 2010. Laboratorio Metasploit java Web Start Escritorio Remoto Getgui. Otro mas laboratorio sobre Metasploit. Creo que este es uno de los exploit mas peligrosos con respecto a los anteriores que mostre, ya que lo estube probando y no llega a ser detectado por los AV. Esta falla fueron descubiertas paralelamente por Tavis Ormandy. La línea de comandos "-XXaltjvm "y. Un buen documento explicado sobre la falla es en este link.
M@gn0B4lt - Security - Hacking - Programming - Linux: agosto 2010
http://magnobalt.blogspot.com/2010_08_01_archive.html
M@gn0B4lt - Security - Hacking - Programming - Linux. Lunes, 23 de agosto de 2010. Prepared Statements PHP y MySQL- Alta usuario. Anduve probando unas cosas en PHP, en estos dias que estaba mas libre con la facultad, y me decidi crear un alta de usuario, donde haya una seguridad relativamente alta. Primero que nada use lo que se llama como Prepared Statements. Coloquemos un ejemplo de lo que seria una consulta con Prepared Statements,. Un consulta a un articulo de una noticia. En la sección de Prevencion.
M@gn0B4lt - Security - Hacking - Programming - Linux: junio 2010
http://magnobalt.blogspot.com/2010_06_01_archive.html
M@gn0B4lt - Security - Hacking - Programming - Linux. Lunes, 21 de junio de 2010. Directory Transversal en descarga de Archivo. Me encontre con una web la cual nesesitaba descargar un fichero que me resultaba de interes, donde la direccion de descarga era similar a esto:. Http:/ www.sitio.com/descarga/download.php? Por lo que me propuse verificar si dicho downloader tenia alguna validación, para provocar un Directory Transversal. Para descargarme el archivo download.php. Filename = $ GET['file'];. Change...
M@gn0B4lt - Security - Hacking - Programming - Linux: septiembre 2010
http://magnobalt.blogspot.com/2010_09_01_archive.html
M@gn0B4lt - Security - Hacking - Programming - Linux. Domingo, 19 de septiembre de 2010. Charla UNNE- RFI LFI and Directory transversal en Descarga de archivo. El sabado 18/09, (ayer :). Los chicos de la Franja me invitaron a un evento que se realializo en la Unversidad de la UNNE, FaCENA, a las 9 hs, donde hubieron 2 charlas, una de Evaluación de Sistemas. Y otra mia que fue sobre Seguridad en PHP. Quiero agradecer a los chicos de la Franja. Que hizo un video de LFI por metodo POST. Ver todo mi perfil.
M@gn0B4lt - Security - Hacking - Programming - Linux: Charla UNNE- RFI LFI & Directory transversal en Descarga de archivo
http://magnobalt.blogspot.com/2010/09/charla-unne-rfi-lfi-directory.html
M@gn0B4lt - Security - Hacking - Programming - Linux. Domingo, 19 de septiembre de 2010. Charla UNNE- RFI LFI and Directory transversal en Descarga de archivo. El sabado 18/09, (ayer :). Los chicos de la Franja me invitaron a un evento que se realializo en la Unversidad de la UNNE, FaCENA, a las 9 hs, donde hubieron 2 charlas, una de Evaluación de Sistemas. Y otra mia que fue sobre Seguridad en PHP. Quiero agradecer a los chicos de la Franja. Que hizo un video de LFI por metodo POST. Juan C. Morales.
M@gn0B4lt - Security - Hacking - Programming - Linux: septiembre 2009
http://magnobalt.blogspot.com/2009_09_01_archive.html
M@gn0B4lt - Security - Hacking - Programming - Linux. Domingo, 27 de septiembre de 2009. Bueno hace un rato estube jugando con el VNC, probando conexiones inversas. Esto puede ser muy util cuando por ejemplo no podemos abrir algun puerto en algun router ordinario, o por ejemplo cuando estemos atras de un router con alguna victima y quiseramos ver el escritorio de la misma. Entonces podemos hacer una conexion inversa hacia nosotros. Servidor TFTP descargar aqui. HKEY LOCAL MACHINE SOFTWARE ORL WinVNC3.
TOTAL LINKS TO THIS WEBSITE
143
websec.io - web application security
Is dedicated to educating developers about security with topics relating to general security fundamentals, emerging technologies and PHP-specific information. If there's a topic you don't see here and would like to read about (or would like to write an article) let us know. Looking for more information about securing PHP-based applications? Check out the Securing PHP ebooks. Security is for Beginners. Why isn't application security taught as a beginner concept? Input Validation Strategies - Introduction.
Sicurezza Informatica, SEO e Tecnologia - WebSecurity IT
FaceBook Image Fix v0.4.3. WebSecurity IT Sicurezza Informatica, SEO e Tecnologia. Alice Wpa Calculator OnLine. Fastweb Wpa Calculator OnLine. MD5 Encrypt / Decrypt. Amazon festeggia i 20 anni con il Prime Day. In onore del 20 compleanno del gigante delle vendita al dettaglio, Amazon, ha indetto un evento dav. M City: la Città dei Robot! Nasce a Detroit la prima città completamene popolata da Robot. Si chiama M City, ed è stata ideata p. Tre lancia l’Offerta ALL-IN 300 PAYBACK. M City: la Città dei Robot!
Websec.mx - Soluciones en Seguridad Digital
Llámanos: 52 555 340 8616. Detector De Puertas Traseras. Pruebas de penetración. Auditoría de código fuente. Evaluación de aplicaciones móviles. Uacute;ltimas entradas en nuestro blog. Comprometiendo cuentas con privilegios altos almacenadas en la base de datos de Lansweeper. Aprende como comprometer cuentas de privilegios altos almacenadas en Lansweeper. Nueva publicación: Mastering the Nmap Scripting Engine. Participación de Websec en DragonJAR Security Conference 2015. Pruebas de penetración. Una prue...
Price Request - BuyDomains
Url=' escape(document.location.href) , 'Chat367233609785093432', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=640,height=500');return false;". Need a price instantly? Just give us a call. Toll Free in the U.S. We can give you the price over the phone, help you with the purchase process, and answer any questions. Get a price in less than 24 hours. Fill out the form below. One of our domain experts will have a price to you within 24 business hours. United States of America.
websec.se - Denna domän kan vara till salu!
Find the best information and most relevant links on all topics related to websec.se. Denna domän kan vara till salu!
Reiners' Weblog | anything about Web Security
Anything about Web Security. Drupal 7.34 Admin PHP Object Injection. January 9, 2015. There is an interesting PHP object injection. Vulnerability in the latest Drupal 7.34. Version I played with lately and wanted to write about. It requires administrator privileges and thus its security impact is negligible because a Drupal administrator can execute arbitrary code by uploading custom modules anyway. However, the exploitation is fun and I will document each failed/succeeded step I took. Isset($this- curlH...
Even Balance, Inc. - PunkBuster Online Countermeasures
Welcome to Even Balance, Inc., home of PunkBuster™, the original anti-cheat system. For more than 15 years, the staff members at Even Balance have worked to identify and remove cheaters from dozens of on-line games. Our approach, technology, and experience have made PunkBuster the top-tier anti-cheat solution in the video game industry. 15 years of experience in the anti-cheat business. Support for all major and many proprietary game engines. Game specific cheat research and detection.
安星-首页
Discuz.net疑遭黑客入侵 打开首页有 . 回答 远程网页木马检查不会受影响, WEB程序安全 . C) 2008 启明星辰 版权所有 京ICP备05032414号.
WebSec365
Audit Your Website Security 24 Hours a day, 365 Days a Year. Your Data is At Risk. Did you know that 90% of websites have major vulnerabilities that could lead to the theft of sensitive corporate data like credit card information, email passwords and social security numbers? Does your website utilize web-based applications like shopping carts, forms, login pages, dynamic content, etc? Well, we’re sorry to inform you that those are a hackers paradise. WebSec365 Web Vulnerability Scanner Features:. Extensi...
Top 5 Considerations Startup Business Loans
Night Life in Dubai. Forex Trading - Make Money From Home. Home Business - Why Start A Home Based Business. Google Adwords - Using Adwords To Make Money. 7 Tips for a successful business loan. Football - A Football Betting Guide to Lay Betting Secrets. Immigration - Immigration to the United Kingdom. Top 5 Considerations Startup Business Loans. 4Gather some money down for the startup business loans. The best way to show a lender that you are serious about your new company is by having a healthy chunk...
VPN + Proxy Hub
Info, resources, downloads. Bull; 0 • 0 • 0 • 0. 2017 VPN Proxy Hub websecbypass.com.
SOCIAL ENGAGEMENT