Blog Posts Tagged with "Scripting"


What’s Wrong with WAFs and How to Hack Them - Part 2

February 07, 2012 Added by:Gary McCully

In attempts to prevent XSS attacks many organizations block or HTML encode special characters (<, >, "). In order to be fair I will admit that this prevents many successful XSS attacks, but at the end of the day many of these web applications are still vulnerable to XSS...

Comments  (0)


Web Insecurity: 7 Steps We Should Demand of Advertisers

September 12, 2011 Added by:Chris Weber

The advertising industry can should mitigate the threat of malware by constraining the capabilities of scripting to address arbitrary content, proxying content, and filtering content for malware. Here are seven security essentials that web servers and advertisers must undertake...

Comments  (0)


Meterpreter Script – Deploy_nmap.rb

August 09, 2011 Added by:Kyle Young

I programmed a meterpreter script that downloads the latest stable version of nmap from and then deploys nmap onto the victim’s machine. You could then use the victim’s machine to do vulnerability scanning with nmap’s scripting engine...

Comments  (0)


Interesting DNS Stuff - SRV Records

March 26, 2011 Added by:Rob Fuller

The following are good adds to your DNS brute force list. These are all SRV records so make sure your type is set correctly. SRV records tell you the port in the answer. I don't know of any DNS tools that utilize SRV as part of their process, but scripting dig to do so isn't tough...

Comments  (1)


Learn a Scripting Language to Make Security Work Easier

March 07, 2011 Added by:Brent Huston

Understanding programming logic basics is a huge plus for security folks who might have a more network/systems-centric background. It will help you understand a lot more about how applications work in your environment and how to best interact with them in ways to protect them...

Comments  (6)