Recent finding on ASP.NET is posted on security tracker.
Read Here
This blog is created to keep track of my activities and place holder for sharing. Enjoy!
Tuesday, May 24, 2005
Monday, May 23, 2005
Domain Footprinting Paper
Featured on HNS and also posted on infosecwriters. The methodology discussed in the paper is implemented in wschess toolkit.
Read Here
OR
Read Here
wschess you can down load from here
Download
Read Here
OR
Read Here
wschess you can down load from here
Download
Wednesday, May 18, 2005
ASP.NET web services advisory
Microsoft ASP.NET Web Services.
Unhandled exception leads to file system disclosure and SQL injection.
Read Here
Unhandled exception leads to file system disclosure and SQL injection.
Read Here
Tuesday, May 17, 2005
wschess beta 1.2 release
Changes are as follows
1. Doamin footprinting is added to wspawn. Methodlogy is discussed in paper [Read]
2. wspawn threading is much more controlled now with option to stop.
3. wspawn's command line is also posted which can run under linux with mono.
Planning to add few more audit/attack modules for xpath,xss,ldap etc in wsknight in next release.
1. Doamin footprinting is added to wspawn. Methodlogy is discussed in paper [Read]
2. wspawn threading is much more controlled now with option to stop.
3. wspawn's command line is also posted which can run under linux with mono.
Planning to add few more audit/attack modules for xpath,xss,ldap etc in wsknight in next release.
Friday, May 13, 2005
Monday, May 09, 2005
Subscribe to:
Posts (Atom)