This website uses cookies for security purposes only. We do not track you or see your data.
Privacy Overview
Security tools
-
Autodafe fuzzer compile fix
I wanted to take a look at an old fuzzer called AutoDafe because its name popped up in several papers…
-
Vulnerable web applications to play with
This is just a list with applicaitons and frameworks out there that could be used to test your web application…
-
Doxygen & PHP static code analysis call graphs
This post is more to document my own “discovery” and not to get into the loop of researching the same…
-
Automatic code analysis by Deutsche Telecom
The Developer Garden (Deutsche Telecom “ecosystem”) announced a new service – automatic code analysis for applications developed using the following…
-
Fix metasploit “Database not connected or cache not built”
This is a short post explaining how to deal with metasploit instance not connected to its database (I’m using the…
-
Malware Sandbox – Free Public Cuckoo instance
I’m writing this down for my own reference and if someone else benefits this I’ll be more than happy. Here…
-
Kali Linux – the new toy from Offensive Security
I’m very pleased to write this down – Offensive Security (the maker of Backtrack distro) came up earlier this month with…
-
HTTP Basic Authentication Dictionary and Brute-force attacks with Burp Suite
HTTP Basic Authentication brief explanation HTTP supports several authentication mechanisms. Upon a request for resource within a protected space the…
-
Security source code review scoping questionnaire – v 2
Here is amended version of the security source code review questionnaire. I added couple of questions and reworded couple of…
-
Web application security assessment scoping questionnaire
I’ve got frustrated couple of days ago when I needed to send quickly a scoping questionnaire focusing on web application…
Recent Posts
Tags
bruteforce bug bounty bug hunting Burp Suite colossus d3 data leak data recovery dictionary entropy pool fix fuzzing hackaday image processing log analysis malware mindmap Practical Reverse Engineering randomness sandbox SANS skype SQL injection SSL Team GhostShell technical visualisation Vulnerability Management Wanda the fish Zeus