Blog Posts Tagged with "Scripting"

What’s Wrong with WAFs and How to Hack Them - Part 2

February 07, 2012 Added by: Gary McCully

In attempts to prevent XSS attacks many organizations block or HTML encode special characters (<, >, "). In order to be fair I will admit that this prevents many successful XSS attacks, but at the end of the day many of these web applications are still vulnerable to XSS...

Web Insecurity: 7 Steps We Should Demand of Advertisers

September 12, 2011 Added by: Chris Weber

The advertising industry can and should mitigate the threat of malware by constraining the capabilities of scripting to address arbitrary content, proxying content, and filtering content for malware. Here are seven security essentials that web servers and advertisers must undertake...

Meterpreter Script – Deploy_nmap.rb

August 09, 2011 Added by: Kyle Young

I programmed a meterpreter script that downloads the latest stable version of nmap from www.insecure.org and then deploys nmap onto the victim’s machine. You could then use the victim’s machine to do vulnerability scanning with nmap’s scripting engine...

Interesting DNS Stuff - SRV Records

March 26, 2011 Added by: Rob Fuller

The following are good adds to your DNS brute force list. These are all SRV records so make sure your type is set correctly. SRV records tell you the port in the answer. I don't know of any DNS tools that utilize SRV as part of their process, but scripting dig to do so isn't tough...

Learn a Scripting Language to Make Security Work Easier

March 07, 2011 Added by: Brent Huston

Understanding programming logic basics is a huge plus for security folks who might have a more network/systems-centric background. It will help you understand a lot more about how applications work in your environment and how to best interact with them in ways to protect them...
