-
§ Samy’s explanation: http://namb.la/popular/
§ Yamanner source code attachment: http://groovin.net/stuff/yammer.txt
§ Earlier Yahoo Mail XSS vulnerability using STYLE onload attribute: http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040599.html
§ Earlier Yahoo Mail vulnerability using commented </form>: http
-
We just opened up a new webcast that involves me and Joel Scambray talking about our new book Web Hacking Exposed 2. We throw in some great web hacking examples. Should be fun to watch. If you have any feedback on it, let me know: https://download.spidynamics.com/Registration/hackingexp_web.asp
-
We actually talked about doing that in depth a couple of years ago. The only thing that keeps us from really developing an agent is the fact that customers don't seem to want it. Most enterprise customers that we talk to shudder at the thought of installing an agent on the webserver even if it makes the scans more accurate and obviously much faster
-
The below regex will match any subdirectories of the directory 'dir': /dir/[^/]+/
-
If what you are referring to is a history of all the policies that you have used during all your scans, then no, WebInspect does not have any ability for you to view that in your dashboard. You can open up each saved scan and view the policy that you used in that scan or you can generate a report and pick all the previous scans that you selected and choose
-
No, none at all. WebInspect does not make any changes to the system or the web application during its scan. There is one possibility: WebInspect could have crawled an administrative section of the website that was not authenticated. In this instance damage can definitely be done and permissions could have changed.
-
What you are trying to say is that this website is written in ASP but you have an applet on one of the pages, and after you ran a WebInspect scan the permissions for the directory where the applet resides on the webserver were changed? Is that correct?
-
I thought this was hilarious. Two hacks: one for getting access to the debug menu on Coke machines (which works on our machine in the office) and one for obtaining a "free 2nd Coke". Nice to see creativity is still alive. Coke Debug Menu: http://www.i-hacked.com/content/view/12/48/ http://justinhazen.com/poptrick/
-
Erik, when are you going to change that very lame photo to something better? For some reason it bothers me to no end. :)
-
This is my first post to the SPI forum. :)