Tagged With / 'sql'

September 5, 2011


ModSecurity 2.5

ModSecurity 2.5 By Magnus Mischel Publisher: Packt http://link.packtpub.com/G1yrG4 30% DISCOUNT for Hakin9 WHOLE SUBSCRIBERS!!! Add the eBook to the shopping cart on the Packt website. Enter the code ‘opbgsms’ in the ‘Enter Promotion Code’ field. Then click ‘Add Promotional Code’ and the discount will be applied. Description A complete guide to using ModSecurity, this book […]


August 4, 2011

Training elearnsecurity
Web application security Lab by eLearnSecurity

Learn Web App Pentesting : 100% hands on from $99

If you like hands-on training, you will love Coliseum Lab: the most revolutionary way to learn web application penetration testing. Coliseum is the virtual lab powered by eLearnSecurity where students can practice and improve their pentesting skills in a sandboxed virtual environment reachable through a web browser. No setup time. No virtual machines. […]


July 2, 2011


Review of Web Application Obfuscation

Review of Web Application Obfuscation By Aby Rao, MS, CISSP, Security+, ITIL-F, ISO/IEC 20000, Project+ Principal, Verve Security (http://www.vervesecurity.com) www.syngress.com   Obfuscation – the act or an instance of making something obscure, dark, or difficult to understand It’s quite uncommon for a technical book to have such a “heavy” word in its title. Please don’t […]


July 2, 2011

web app obfuscation

Web Application Obfuscation

Web Application Obfuscation By Mario Heiderich, Eduardo Alberto Vela Nava, Gareth Heyes, David Lindsay Publisher: Syngress December 2010 U.S.,  January 2011 EMEA www.syngress.com Description Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take […]


July 1, 2011

Web Applications: Testing and Securing Your Code

With the high demand for applications and information, companies have made data readily and easily available. Web applications, to keep in touch with friends, download music, or order a new espresso machine, are used so commonly you seldom think about how the information is presented to you. From this article you will find out how […]


July 1, 2011

Web App Security

Web App Security 7/2011

Latest News From the IT Security World By Armando Romeo, eLearnSecurity and ID Theft Protect Mummies still walk among us! By Ali Al-Shemery Imagine all the great sources of information on the Internet today such as: news groups, blogs, websites and forums, and you still see networks, and websites being hacked and torn down using […]


June 16, 2011

News Carlos A. Ayala

Researchers warn of mass meshing injection attack

The research team at Armorize have discovered a mass SQL injection coupled with a drive-by download, which they describe as a “mass meshing injection” attack. –Mass Meshing Injections are unlike Mass SQL injection attacks such as Lizamoon, which are easily detected due to a low number of malicious redirector domains that can be easily detected […]


November 1, 2010

TDSS botnet – full disclosure. Part II

After breaking into the world’s biggest botnet, which was covered in the previous issue of Hakin9, we performed thorough analysis of the botnet’s undercover logic. Authors: ANDREY RASSOKHIN, DMITRY OLEKSYUK Source: Hakin9 11/2010 https://hakin9.org What you will learn… How to pwn a botnet, starting from the malware binary. What you should know… General understanding of centralized botnets PHP Basics […]


October 1, 2010

TDSS botnet – full disclosure

What is a botnet? A botnet is not merely an army of infected computers. First of all, a botnet is an externally managed complex structure. While the malware side is studied pretty well in most known botnets, the management side is often underestimated. The latter usually involves hacking and vulnerability exploitation, because server side scripts […]


April 1, 2010

Threat Modeling Basics

An exercise in building secure software. Author: TIMOTHY KULP Source: Hakin9 4/2010 https://hakin9.org Why software is not secure In the world of software, security is thrown into a system somewhere at the end of the project. For many developers adding security to a system is using a login with SSL/TLS; but sadly, these two are not […]


March 1, 2010

Articles admin


Codescan is a source code analysis tool that will allow you to scan your code and then produce detailed reporting on all the vulnerabilities that are found in your code. By scanning and repairing your code throughout your project, so long as you follow the recommendations from the reports, you should be releasing secure code […]


December 1, 2009

Remote Assessment Aanval 3

Quick Start. Installation is quick and straightforward with a web-based wizard checking to ensure the required dependencies (PHP, Perl and MySQL) are installed and then prompting for the MySQL server to use. A few short steps later and you’re greeted with the Aanval dashboard. Provide Aanval with the details of your Snort MySQL database store […]


Hakin9 Media Sp. z o.o. Sp. komandytowa ul. Postępu 17D, 02-676 Warszawa