Security
splmap 0.6 released
My friend inquis today released one of the best SQL injection tools available to the public: sqlmap.
For the ones of you that do not know this tool yet, sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it [...]
A browser as web hacking platform
A list of Firefox plugins to turn your browser in an hacking platform. This is an improved list based on "Turning Firefox to an ethical hacking platform" from Security-Database.com
Information gathering
Whois and geo-location
ShowIP
: Show the IP address of the current page in the status bar. It also
allows querying custom services by IP (right mouse [...]
Kaminsky DNS Vulnerability for dummies
The easiest and best explanation of Dan Kaminsky DNS Vulnerability that i found on the Net:An Illustrated Guide to the Kaminsky DNS Vulnerability by Steve Friedl
Database datatype comparison sheet
Sometimes when writing automated SQL injection tools or exploit based on SQLi vulnerabilities you can fight with the different implementation of standard SQL datatype of DBMS.Reading a lot of documentation i wrote a comparison sheet between datatypes used by Mysql, SQL Server, Oracle, DB2, SQLite, PostgreSQL, Sybase ASE, Firebird.You can download Adobe Acrobat [PDF] or [...]
My del.icio.us, link di sicurezza informatica and so on..
Ricordo a tutti quelli che in preda alla navigazione senza meta cercano qualche link decente di sicurezza informatica et similia di farsi una capatina al mio del.icio.us dove potreste trovare qualcosa di molto carino o molto perverso, a seconda dei punti di vista.
Link: http://del.icio.us/jekilcoso