sql


ModSecurity 2.5

By Magnus Mischel. Publisher: Packt. http://link.packtpub.com/G1yrG4 30% DISCOUNT for Hakin9 WHOLE SUBSCRIBERS!!! Add the eBook to the shopping cart on the Packt website. Enter the code ‘opbgsms’ in the ‘Enter Promotion Code’ field. Then click ‘Add Promotional Code’…


Review of Web Application Obfuscation

By Aby Rao, MS, CISSP, Security+, ITIL-F, ISO/IEC 20000, Project+, Principal, Verve Security (http://www.vervesecurity.com). www.syngress.com. Obfuscation – the act or an instance of making something obscure, dark, or difficult to understand. It’s quite uncommon…


Web Application Obfuscation

By Mario Heiderich, Eduardo Alberto Vela Nava, Gareth Heyes, David Lindsay. Publisher: Syngress. December 2010 U.S., January 2011 EMEA. www.syngress.com. Description: Web applications are used every day by millions of users, which is why they are one…

Web Applications: Testing and Securing Your Code

With the high demand for applications and information, companies have made data readily and easily available. Web applications, to keep in touch with friends, download music, or order a new espresso machine, are used so commonly you seldom think about…

Web App Security

Web App Security 7/2011

Latest News From the IT Security World, by Armando Romeo, eLearnSecurity and ID Theft Protect. Mummies still walk among us! By Ali Al-Shemery. Imagine all the great sources of information on the Internet today such as: news groups, blogs, websites…

Researchers warn of mass meshing injection attack

The research team at Armorize has discovered a mass SQL injection coupled with a drive-by download, which they describe as a “mass meshing injection” attack. Mass Meshing Injections are unlike Mass SQL injection attacks such as Lizamoon, which are easily…

TDSS botnet – full disclosure. Part II

After breaking into the world’s biggest botnet, which was covered in the previous issue of Hakin9, we performed a thorough analysis of the botnet’s undercover logic. Authors: ANDREY RASSOKHIN, DMITRY OLEKSYUK. Source: Hakin9 11/2010, https://hakin9.org. What you will learn… How to pwn a botnet, starting…

TDSS botnet – full disclosure

What is a botnet? A botnet is not merely an army of infected computers. First of all, a botnet is an externally managed complex structure. While the malware side is studied pretty well in most known botnets, the management side…

Threat Modeling Basics

An exercise in building secure software. Author: TIMOTHY KULP. Source: Hakin9 4/2010, https://hakin9.org. Why software is not secure: In the world of software, security is thrown into a system somewhere at the end of the project. For many developers adding security…

Codescan

Codescan is a source code analysis tool that allows you to scan your code and then produces detailed reporting on all the vulnerabilities found in it. By scanning and repairing your code throughout your project, so…

Remote Assessment Aanval 3

Quick Start. Installation is quick and straightforward, with a web-based wizard checking to ensure the required dependencies (PHP, Perl and MySQL) are installed and then prompting for the MySQL server to use. A few short steps later and you’re greeted…