DotNetKick.com is an open-source project. Please report any bugs and let us know your great suggestions. Currently running svn revision 637 (rss)



Stories submitted by Robr
1
kicks
submitted by Robr 6 months, 13 days ago

communities.hp.com — Microsoft worked with the HP Web Security Research group to release the Scrawlr tool. The tool will crawl a website, simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities. This will allow an IT/DB admin to easily find vulnerabilities similar to the ones that have been used to compromise sites in recent attacks. No source code is required to run this tool. From a starting URL, the tool recursively crawls that URL in order to build up a site tree that will then be analyzed for SQL injection vulnerabilities.


1
kicks
submitted by Robr 7 months, 19 days ago

portal.spidynamics.com — Follow-up post to "Static Code Analysis Failures" and introduction to the concept of Hybrid Analysis.


1
kicks
submitted by Robr 7 months, 19 days ago

portal.spidynamics.com — Static code analysis failures are costing enterprises money and reputation. White-box security testing is inherently a flawed proposition for many reasons, but it all comes down to a very simple concept: Machines do not execute source code, they execute machine code (compiled code).


2
kicks
submitted by Robr 8 months, 30 days ago

portal.spidynamics.com — It's 2:34am, local time. You're snoring up a storm after a hard day at the office. You've patched all your servers, your lockdown scripts have been verified, and your IDS is humming along perfectly. Oh, and by the way, someone named "R0kk1t" just stole your customer database. A quick check of the "Security Dashboard" when you get in at 8:00am will show everything is green... You have a serious problem.


1
kicks
submitted by Robr 9 months ago

code.google.com — The purpose of the ESAPI is to provide a simple interface that provides all the ordinary security functions a developer is likely to need in a clear, consistent, and easy to use way. The ESAPI architecture is very simple, just a collection of classes that encapsulate the key security operations most applications need.


2
kicks
submitted by Robr 9 months ago

blogs.msdn.com — ASP.NET preventing phishing with SafeRedirect implementation behind Response.Redirect. Calls to SafeRedirect.Redirect will only succeed if the specified URL belongs to a predefined “whitelist” of known good domains specified in the application’s configuration file.


2
kicks
submitted by Robr 9 months, 7 days ago

portal.spidynamics.com — What is an application defect? How is that different from a security vulnerability? Historically, security vulnerabilities have been in a class all their own. In an attempt to put some urgency to the matter, security professionals have labeled defects in the security of their projects as an entirely different thing than a functional defect.


1
kicks
submitted by Robr 1 year, 2 months ago

blogs.msdn.com — As a security guy, I can safely say that there is no magic bullet to mitigate any security problems completely, and cross-site scripting (XSS) bugs are not exceptions.


16
kicks
published 1 year, 2 months ago, submitted by Robr 1 year, 2 months ago

waterhobo.com — Guy built a motion sensing water gun to scare rabbits out of his garden. AForge.NET used. Awesome!


2
kicks
submitted by Robr 1 year, 2 months ago

spidynamics.com — These days, the biggest threat to an organization’s network security comes from its public Web site and the Web-based applications found there. Unlike internal-only network services such as databases—which can be sealed off from the outside via firewalls—a public Web site is generally accessible to anyone who wants to view it, making application security an issue.


3
kicks
submitted by Robr 1 year, 2 months ago

spidynamics.com — Some of the most common and dangerous application security vulnerabilities that exist in ASP.NET Web-based applications come not from the C# or VB.NET code that makes up its pages and service methods, but instead from the XML code that makes up its Web.config files.


3
kicks
submitted by Robr 1 year, 2 months ago

codinghorror.com — Do you love GUIDs?


3
kicks
submitted by Robr 1 year, 3 months ago

blogs.msdn.com — There are some pretty good Home Automation packages out there on the market. Some of these are made for installers and are thus closed to easy customization by the end user. Then there are packages that are made for hobbyists. These have good core automation systems, and provide some add-in points for customization.
